Phishing and Malware
Spear Phishing is an email spoofing fraud attempt that targets a specific organization seeking unauthorized access to confidential data. While spear phishing is similar to a phishing email, the messages are typically more personalized, making it appear that they are from a person or organization that you are familiar with - - a trusted source. The success of spear phishing hinges on its ability to appear authentic and how logical the request seems to be. Everyone with an email address is a potential target.
The Division of Information Technology, (IT) continues to make improvements to security, however, the best defense against these attacks is knowing how to spot and report them. Through partnership with the vendor PhishMe, the Division of IT launched an awareness program to help employees learn about the dangers of email fraud, specifically, email spear-phishing. Scenarios are developed collaboratively, and used for educational purposes.
The program is focused on spear phishing attacks in the work place and sends out simulated phishing emails that mimic real ones. If you get “reeled in” or “hooked” by a simulated phishing email, a training module will be presented to you, along with tips on how to recognize phishing email attempts and how to avoid becoming a victim in the future. The tips are applicable to home use to help you protect yourself from identity theft and help you to protect your financial account information.
Data Breaches and Information Security Risks
In this modern world, the use of technology is increasing day by day. Every single person as well as large and multi-national organizations are emphasizing for utilizing the technology and making their life comfortable. Individuals use technology, especially Internet as a mode of communication, interacting with friends and family, knowing about world affairs, online shopping, and much more. Additionally, large companies and organizations use the Internet to get closer to their customers, make an online relationship with them, providing more and quick services to the customers.
The companies also create a profile of the company online and also ask their customers to make their online profile on a company website which might bring more royalty from their customers. Customers who create profiles or any type of account, are more likely to come back to get other services. Therefore, companies can easily compile the profiles of their customers and have targeted marketing directed at their needs. On the other hand, customers who have created such a profile, believe that their data will be kept secret, safe, and will not be misplaced or compromised by the company staff or any other type of unauthorized usage. If there is any lack of trust between their clients and the company, privacy issues will take place, and these issues can create problems for organizations later on and they might face difficulty in maintaining and developing a healthy relationship with their customers. Companies who collect data are required by law to keep their data secure. There are three specific concerns regarding information security and privacy, which are identified frequently by the consumers, and these are:
unauthorized use of the data by external entities,
security risks and data breaches,
and lack of penetration testing by the application developers and errors that may arise.
A survey has concluded results that both privacy invasion and errors has an inverse relationship with the online purchasing behaviour; although, it seemed that unauthorized use of the data has little impact. The managerial implications include the selection of channels of communications for greater impact, accurate data handling, and maintenance of permission-based contact with the users.
Statistics about Internet Privacy
- More than 21 per cent of Internet user’s social networking account or email account is compromised or data has been taken without permission.
- 86 per cent of people have tried to take a step to remove their online digital footprints.
- 55 per cent people has taken a step, in order to avoid observations (By any specific person, government or organization)
- Data of more than 11 per cent Internet users has been stolen. This data includes credit card number, passwords and bank account information.
- 68% of people have the opinion that current laws are not enough for protecting the privacy of Internet users (Susskind, 2013)
- Global Security Attacks
- Below you will find a link to live security attacks around the globe. Most of Security Companies, share their data in order to be able to prevent data breaches and attacks around the globe.
- Live Security Attacks
Perhaps, one of the biggest complacency risks out there is the “Apple syndrome” - as in, “I’m not at risk of malware because I use a Mac.”
Many users believe that their Apple device is immune to the viruses; however, this is a myth. Although the number if viruses targeting a mac operating system platform is fewer than PC platform, macs also get viruses and they can get damaged.
For the past few years, a new trend overtook the business market by criminals. Most of the Ransomware attacks, have taken place because employers failed to educate and train their employees.
In these cases, a malicious piece of software, sent by a criminal, takes over your files, and encrypts those with a secret key. Afterwards, displays a message asking for most common cryptocurrency to give you back your files.
Reading about the tech industry trends, and updating your devices can prevent data loss.
Many users do not consider themselves as a high target. however ransomware can sit on your device for a long time and the get activated at work when you take your own device to work. Even if you connected to a wireless network, the ransomware can use your network connection and spread across the network.
IT Training Resources
Browse to the list of Resources to learn how to protect your information and property.
Help And Support
If you have any questions, or need assistance, please contact the IT HelpDesk at firstname.lastname@example.org or for Staff and Faculty, and for Students.