Be a Little More Secure This New Year and Avoid Phishing Attacks
Embed Size (px)
Holiday season is here and everyone is excited about gifts, shopping and leisure time. Season’s sales has soared to $602 billion and online sales is going upward of $60 billion. The fact that online sales are high and it’s a holiday season hackers are on their toes to get the most out of it. Protect yourself from phishing scams and maintain your online security by learning how you can do it.
Transcript of Be a Little More Secure This New Year and Avoid Phishing Attacks
- Be A Little More Secure This New Year And Avoid Phishing Attacks Holiday season is here and everyone is excited about gifts, shopping and leisure time. Seasons sales has soared to $602 billion and online sales is going upward of $60 billion. The fact that online sales are high and its a holiday season hackers are on their toes to get the most out of it. Visit Blog
- What Is A Phishing Attack? 03/01/2014 Phishing is a way for hackers to take advantage by disguising as a trusted source and luring the person to reveal his/her crucial information. A common medium used in this process is Email. SmartSignin| Be A Little More Secure This New Year 2
- How Phishing Works? Victim gets a professional looking email which asks them to take a particular action like stopping the account termination or stopping a financial transaction which never actually took place. Realizing the urgency of the situation user doesnt double check the authenticity of the email and takes the action as specified thereby exposing themselves to serious threats. Mostly of these emails are targeted to obtain the users login credentials of banks and other financial services. 03/01/2014 SmartSignin| Be A Little More Secure This New Year 3
- EXAMPLES OF PHISHING
- Phishing email from Apple An authentic looking email from Apple. 03/01/2014 SmartSignin| Be A Little More Secure This New Year 5
- Phishing email from Paypal Yet another professional looking email from PayPal which is actually a phishing email. 03/01/2014 SmartSignin| Be A Little More Secure This New Year 6
- SOME COMMON TRAITS How to identify and check the authenticity of the email.
- Check the sender of the email: If youre getting an email from Apple but the senders address is @gmail.com or @live.com then its a clear sign of potential threat. Personalization is always absent in such emails. Hackers send these emails in bulk hence they cant personalize it. They will mostly address you as Dear Member or Hi there etc.
- If the offer is too good to be true then its not true: Nobody has left a ton of money for you. You wont get a brand new iPad for free or at dirt cheap price. Beware of such claims as these are mere tactics to lure you in.
- No financial institution asks for your access credentials via email: Dont share your credentials. If you smell something fishy, call your bank directly and ask them if they have sent out such emails.
- Avoid downloading attachments from unknown senders: Unless you are expecting one, avoid downloading any attachments from unknown senders.
- Use updated antivirus, firewall, spam filters to block viruses and spywares.
- Check the URL of the landing page: If you did click the link in the phishing email double check the URL of the page you are taken to. The fake URLs looks similar to the real URL but are entirely different. For example, http://www.apple.login-user.com might look like the user login section of Apple but its actually a phishing URL.
- Dont enter your login information in a pop up: Its a common tactic for hackers to redirect a user to the real website but a pop up will open up as soon as you reach the website which will ask you to enter the login credentials. This makes the user think that the real website is asking them to enter their login credentials. Image from CNN e-mail phishing attack, 2009
- Look For s in http Websites having https in their URL are secure so always make sure that you are on a secure website before entering your critical information.
- How To Protect Your Organization From Phishing Attacks?
- Recently, twitter accounts of many different media websites have been compromised by hacker groups. This was done with the help of social engineering, starting with the phishing attacks targeted towards the employees. Human has always been the weakest link in the security and hence if one employee falls for it, a domino effect is automatically initiated.
- 1 STEP 1 - Enforce strong policies The first and foremost step to protect your organization is to enforce strong policies among the employees.
- 2 STEP 2 Following Best Web Security Training & Practices Second step calls for regular training of employees on the basics of web security so they can uphold the security best practices and protect the companys resources.
- 2 STEP 3 Implement Secure Identity & Access Management System Third stage is to implement a secure Identity & Access Management system to ensure that employees can access companys resources that are relevant to their work. Moreover an IAM system helps administrator to give access to the employees without letting them know the access credentials and hence phishing attacks cannot be successful. Apart from this, administrator can also monitor and maintain the logs of when, how and from where an employee accessed a particular resource thereby keeping a tab on all the activities.
- Want To See How Identity & Access Management Tool Can Help Your Organization?
- Be a little more aware this holiday season. Happy New year!!
- To understand the presentation in depth read the following article Be A Little More Secure This New Year About SmartSignin SmartSignin is a Single Sign-On and Identity & Access Management suite that helps in managing the online identities and the access of employees, customers and partners to the company resources. SmartSignin is a product of PerfectCloud Corp. Being an Identity Management service provider, SmartSignin works on a unique patent-pending SmartKey algorithm which allows users to manage their own decryption keys for their critical data. This architecture provides users with complete security and privacy. To know more: Visit SmartSignin Website If you have any queries or feedback, contact us by filling up the form on the following link Contact SmartSignin