Cyber Security Awareness - Phishing

Phishing

Phishing attacks are attempts to collect sensitive information such as social security numbers, passwords, usernames, credit cards (and sometimes cash - usually in the form of a wire transfer) in the form of an electronic communication. When attackers get the victim to bite the bait then phishing succeeds. This usually involves the attackers disguising themselves via Social Engineering as a trustworthy entity in an electronic communication.

  • Never send passwords, bank account numbers, or other private information in an email.
  • Avoid clicking links in emails, especially any that are requesting private information.
  • Be wary of any unexpected email attachments or links, even from people you know.
  • Never enter private or personal information into a popup.
  • Look for "https://" and a lock icon in the address bar before entering any private information.
  • Have an updated anti-virus program that can scan email.

Helpful Information

Phishing is not limited to "spam" (aka junk email) so here are some other areas in which phishing may occur:

  • Social Networking websites
  • Online ads
  • Unsolicited phone calls
  • Status updates
  • Tweets and other posts

Don't Take the Bait

Be safe. Don't bite the bait. When in doubt throw the questionable communication out.

  • Don't click on links that are questionable in any electronic form (email, webpages, status updates, tweets, online ads, etc.).
  • Throw out questionable emails that don't look proper or ask you for sensitive information.
  • Don't give out credit card information or other personally identifiable information (PII) to phone solicitors you don't know.

Own Your Online Presence

  • Consider hiding your email address from online profiles like social networking sites.
  • Only allow certain people to view your personal information.

Don't Respond

Don't respond to unsolicited communication, and verify the communication from companies you do business with by directly calling them.

  • Use a contact information from statements provided by that company.
  • Never use contact information from the suspicious electronic communication.

Tricked?

Do you feel you may have been tricked by a phishing email?

For more detailed information on phishing you may also view the Federal Trade Commission's website.

Many thanks to the University of Georgia's Office of Information Security department for allowing us to use their image concepts for our campaign to help combat cybercrime. It is this type of shared governance and shared responsibility that will hopefully slow down the attackers and create a safer environment for us all.
Was this helpful?
0 reviews

Details

Article ID: 11967
Created
Wed 3/30/16 9:08 AM
Modified
Mon 8/15/22 8:21 AM

Related Articles (4)

Identity Theft is defined as the fraudulent acquisition and use of an individual's personally identifying information, usually for financial gain. Key pieces of personally identifying information include such items as social security, insurance, or driver's license numbers. Thieves who steal such information may then use it to obtain credit, merchandise, or medical drugs and services, all in the name of the victim.
Malware is a general term for any software that can interrupt computer operations, gather sensitive information, or gain access to a system of computers. Malware may include computer viruses, worms, trojan horses, ransomware, spywear, adware, and scareware to name a few.
Mobile Security refers to security of personal and business-related information stored on mobile devices such as smartphones and tablets. These mobile devices are targets for attacks because a lot of people leave them on all the time, unlike regular computers.
Always use a strong password to protect your computer, mobile device and online accounts. Select a strong password with a mix of upper and lower case letters, numbers and special characters.