Cyber-Security Threats

Types of Cyber Threats

Phishing

Phishing Is an attempt to scam you or trick you into sharing login information or other personal information online. Phishing is usually done through email, pop up ads, or sites that look similar to ones you’re already used to. Phishing emails are emails your receive from an unknown sender with an attachment in the email or a link to a third party website. The goal of the phisher is to have you open the attachment or to click the link which usually contains a virus or harmful software to put on your computer.  Some phishing attacks are obviously fake. Others can be sneaky and really convincing, like when a scammer sends you a message that includes some of your personal information. Thatʼs called spear-phishing and it can be very difficult to spot.

Ways to spot a phishing attack

  • Does it look professional like other websites you trust, with the product’s or company’s usual logo and with text that is free of spelling errors?
  • Does the siteʼs URL – the address of a website – match the product’s or company’s name and information youʼre looking for?
  • Does the URL start with https:// (That means the connection is secure.) If not, it may be a scam.
  • Is it asking for your personal information? Some websites ask for personal information so they can send you more scams. For example, quizzes or “personality tests” could be gathering facts to make it easy to guess your password or other secret information.
  • Is the email or site offering something that sounds too good to be true, like a chance to make a lot of money? If it sounds too good to be true, it usually is a scam.

If you do get tricked by a scam, let your friends and people in your contacts know right away, because they could be targeted next, and make sure you change your passwords immediately.

Here are some examples of phishing emails. Click on image to see larger view

Other Common Cyber-Threats

Catfishing – creating a fake identity or account on a social networking service to trick people into sharing their personal information or into believing they are talking to a real person behind a legitimate account.

Spyware – when someone offers you something for “free” over email, but in reality they are installing malware onto your computer. It usually occurs in the form of downloading and steals your information by viewing the websites you visit, the programs you use, and any other information they can steal like passwords and personal information.

Social Engineering – when someone tricks you into giving out confidential information. Usually compromising the security of data or giving access to your network. An example of this is someone posing as a technician and pretending to work on your network but in reality they are installing spyware or other malware to access personal/sensitive data.

Identity Theft – when one illegally assumes someone’s identity to gain access to that person’s personal information, most likely someone’s finances to frame them for a crime. This is usually completed via a phishing email. (see phishing email).

Hacking – when you or someone accesses another person’s computer without their permission. This usually occurs when someone plans to steal information, tamper data or send out spam.

Ways our Computers Prevents Phishing Attacks 

Luckily our email systems use practices to help prevent phishing attacks and other hacks. Three of the techniques they use are:

Encryption – the process of translating an email message into hidden form using a secret formula or algorithm.

Two-step verification – a security process where logging into a service requires two separate steps such as a password and a one-time code. For example, you may have to enter your password and then enter a code that was texted to your phone or a code from an app.

Email Spam Filters – our email servers automatically recognize some messages as fraudulent and spam emails and place them in a “junk-box” for review prior to opening.

adminCyber-Security Threats