SpireTech Blog - Tag: Phishing
Avoid phishing emails by reading these posts.
used with permission from Norton by Symantec, by Nadia Kovacs
Employees are on the front lines of information security. The more that can be done to regularly educate yourself of the small things you can do can go a long way towards protecting your organization.
Since it is the beginning of the year, many people are returning to work and trying to get out of “vacation mode.” (Us too!) We’ve decided to outline some tips to help you throughout the year to stay safe online while protecting your company in the process.
General Best Practices
- Avoid providing personal information when answering an email, unsolicited phone call, text message or instant message.
- Never enter personal information in a pop-up web page or anywhere else that you did not initiate.
- Keep security software and all other software programs updated.
Cyber Security Best Practices
- Phishers will try to trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT.
used with permission from Norton by Symantec
by Nadia Kovacs
Spear phishing isn’t what you do when you’re on vacation in Hawaii. It’s a targeted attack on your personal information. An updated version of the old trick “phishing,” where scam artists simply ask you for your password or other private information, spear phishing takes this trick to the next level, using social engineering. Before you respond to that email asking for you to verify your address or other personal information, read this article to protect yourself against spear phishing.
What Is Spear Phishing?
Spear phishing effectively uses all the data that’s on the Internet about you to lull you into an inappropriate sense of comfort before attempting to get your personal information. Because this technique is so successful, it accounts for approximately 91 percent of all phishing in the United States today.
Think about it: How much about you is on the Internet? Read more...
After some recent discussions with some clients and family, it occurred to me that many people still have questions about how to tell “fake” emails from real ones – so I thought it might be a good time to point out some sure-fire ways to know when to hit that delete button:
- Listen to your gut. If it comes from a company or person you don’t know or do business with, delete it.
- One of my favorites is URL link inspection. If you hold your mouse over a link without clicking it (press-and-hold on an iPad), you will see the URL that appears (sometimes at the bottom of your mail program) of where that clicking that link will go. You have to look at the beginning part of the domain name. Ninety-five percent of the time, this will not be someplace you want to go.
- If you are looking at the URLs via the inspection technique above, be aware that some “fake” URLs can be spelled similarly to “real” ones, so be on the lookout for misleading ones.
Phishing scams are at the top of cyber criminals’ moneymaking lists. It’s disturbing that the important data of organizations such as Sony are under threat from phishing scams. But in contrast to the widespread notion, these scams affect small enterprise owners as much as they affect the big corporations.
The Internet Crime Complaint Center (partners with the FBI) and the National White Collar Crime Center (NW3C) have reported more than 300,000 cases of online phishing scams and other Internet related crimes.
To give you a better comprehension as to why your small business is of great value to a cyber criminal, let’s take a look at what phishing is exactly.
What is phishing?
What does “phishing” mean? Phishing is the attempt to access private data, such as financial information, usernames, and passwords. This is attained by making false websites, graphics, email accounts, and phone numbers. The subject is convinced, by one method or another, to reveal these types of data that may be used to steal their identity (social security numbers are a popular target). Read more...