Upload File

beware of phishing scams

7
SUSPICIOUS ACTIVITY REPORTING Report Phishing Attacks to Your Local Information Assurance Officer and your servicing Network Enterprise Center (NEC)

Upload: noel-waterman

Post on 12-Nov-2014

966 views

Category:

Documents


2 download

Report

DESCRIPTION

The cyber threat to our Army and Nation is pervasive and most often target, human behavior through social engineering. The best mitigation measure for this risk is to increase cyber awareness by educating our Soldiers, Family Members, Government Civilians, and Contractors. HQDA has directed Army Antiterrorism Quarterly Theme Cyber Threat Awareness (2Q/FY13). For more information on Cyber Security, visit http://www.staysafeonline.org/stay-safe-online/

TRANSCRIPT

Page 1: Beware of Phishing Scams

SUSPICIOUS ACTIVITY REPORTING

Why Phishing Works

•Weareeasilyenticed—wetrustknownbrands/logos

•Lackofusereducationandawareness

•LackofInformationAssuranceknowledgeandwarningindicators

•Visuallydeceptivetext

•Imagemasking

•ImagemimickingWindows

What is Phishing?Phishingisanattemptbyanindividualorgrouptosolicitpersonalinformationfromunsuspectingusersbyemployingsocialengineeringtechniques(i.e.,manipulatingpeopleintoperformingactionsordivulgingconfidentialinformation).Phishingemailsarecraftedtoappearasiftheyweresentfromalegitimateorganizationorknownindividual.Theseemailsoftenattempttoattractuserstoclickonalinkthatwilltaketheusertoafraudulentwebsitethatappearslegitimate.Theuserthenmaybeaskedtoprovidepersonalinformation,suchasaccountusernamesandpasswordsthatcanfurtherexposethem,theirnetwork,andtheirunittofuturecompromises.

Inordertofullyunderstandphishingandhowitcanimpactyouandyourunit,youshouldbeawarethattherearedifferenttypesofphishing:

Phishingisusuallyane-mailsenttoalargegroupofpeoplethatattemptstoscamtherecipients.Thepeoplethemessageissenttooftendonothaveanythingincommon.

Spear phishingisamessagesenttoasmaller,moreselectgroupoftargetedpeopleortoasingleindividual.

Whaling or whale phishingisahighlypersonalizedmessagesenttoseniorexecutives,high-levelofficials,ortheirpersonalexecutivestaffmembers.

Help! I think I’ve been

Phished!Anti Phishing Quick Reaction Drill

• Changeyourpasswordimmediatelyattherealwebsite:

• Typethewebsitenameinyourbrowser’saddressbar.

• Signintoyouraccountandclickthe“userprofile”or“changepassword”link.

• Followthewebsite’sinstructionstochangeyouraccountinformationandpassword.

• Clickthe“contactus”linkfoundonmostwebsitesandinformthemaboutthephishingattackyoujustexperienced.

• Ifyouareusingagovernmentcomputer,contactyourlocalInformationAssuranceOfficerandservicingNetworkEnterpriseCenter(NEC).

Recognizing & Avoiding Email Scams:http://www.us-cert.gov/reading_room/emailscams_0905.pdf

Report Phishing Attacks to Your Local Information Assurance Officer and your servicing Network

Enterprise Center (NEC)

Page 2: Beware of Phishing Scams

SUSPICIOUS ACTIVITY REPORTING

Why Phishing Works

• Weareeasilyenticed—wetrustknownbrands/logos

• Lackofusereducationandawareness

• LackofInformationAssuranceknowledgeandwarningindicators

• Visuallydeceptivetext

• Imagemasking

• ImagemimickingWindows

What is Phishing?Phishingisanattemptbyanindividualorgrouptosolicitpersonalinformationfromunsuspectingusersbyemployingsocialengineeringtechniques(i.e.,manipulatingpeopleintoperformingactionsordivulgingconfidentialinformation).Phishingemailsarecraftedtoappearasiftheyweresentfromalegitimateorganizationorknownindividual.Theseemailsoftenattempttoattractuserstoclickonalinkthatwilltaketheusertoafraudulentwebsitethatappearslegitimate.Theuserthenmaybeaskedtoprovidepersonalinformation,suchasaccountusernamesandpasswordsthatcanfurtherexposethem,theirnetwork,andtheirunittofuturecompromises.

Inordertofullyunderstandphishingandhowitcanimpactyouandyourunit,youshouldbeawarethattherearedifferenttypesofphishing:

Phishingisusuallyane-mailsenttoalargegroupofpeoplethatattemptstoscamtherecipients.Thepeoplethemessageissenttooftendonothaveanythingincommon.

Spear phishingisamessagesenttoasmaller,moreselectgroupoftargetedpeopleortoasingleindividual.

Whaling or whale phishingisahighlypersonalizedmessagesenttoseniorexecutives,high-levelofficials,ortheirpersonalexecutivestaffmembers.

Help! I think I’ve been

Phished!Anti Phishing Quick Reaction Drill

•Changeyourpasswordimmediatelyattherealwebsite:

•Typethewebsitenameinyourbrowser’saddressbar.

•Signintoyouraccountandclickthe“userprofile”or“changepassword”link.

•Followthewebsite’sinstructionstochangeyouraccountinformationandpassword.

•Clickthe“contactus”linkfoundonmostwebsitesandinformthemaboutthephishingattackyoujustexperienced.

•Ifyouareusingagovernmentcomputer,contactyourlocalInformationAssuranceOfficerandservicingNetworkEnterpriseCenter(NEC).

Recognizing & Avoiding Email Scams:http://www.us-cert.gov/reading_room/emailscams_0905.pdf

Report Phishing Attacks to Your Local Information Assurance Officer and your servicing Network

Enterprise Center (NEC)

Page 3: Beware of Phishing Scams

SUSPICIOUS ACTIVITY REPORTING

Why Phishing Works

• Weareeasilyenticed—wetrustknownbrands/logos

• Lackofusereducationandawareness

• LackofInformationAssuranceknowledgeandwarningindicators

• Visuallydeceptivetext

• Imagemasking

• ImagemimickingWindows

What is Phishing?Phishingisanattemptbyanindividualorgrouptosolicitpersonalinformationfromunsuspectingusersbyemployingsocialengineeringtechniques(i.e.,manipulatingpeopleintoperformingactionsordivulgingconfidentialinformation).Phishingemailsarecraftedtoappearasiftheyweresentfromalegitimateorganizationorknownindividual.Theseemailsoftenattempttoattractuserstoclickonalinkthatwilltaketheusertoafraudulentwebsitethatappearslegitimate.Theuserthenmaybeaskedtoprovidepersonalinformation,suchasaccountusernamesandpasswordsthatcanfurtherexposethem,theirnetwork,andtheirunittofuturecompromises.

Inordertofullyunderstandphishingandhowitcanimpactyouandyourunit,youshouldbeawarethattherearedifferenttypesofphishing:

Phishingisusuallyane-mailsenttoalargegroupofpeoplethatattemptstoscamtherecipients.Thepeoplethemessageissenttooftendonothaveanythingincommon.

Spear phishingisamessagesenttoasmaller,moreselectgroupoftargetedpeopleortoasingleindividual.

Whaling or whale phishingisahighlypersonalizedmessagesenttoseniorexecutives,high-levelofficials,ortheirpersonalexecutivestaffmembers.

Help! I think I’ve been

Phished!Anti Phishing Quick Reaction Drill

•Changeyourpasswordimmediatelyattherealwebsite:

•Typethewebsitenameinyourbrowser’saddressbar.

•Signintoyouraccountandclickthe“userprofile”or“changepassword”link.

•Followthewebsite’sinstructionstochangeyouraccountinformationandpassword.

•Clickthe“contactus”linkfoundonmostwebsitesandinformthemaboutthephishingattackyoujustexperienced.

•Ifyouareusingagovernmentcomputer,contactyourlocalInformationAssuranceOfficerandservicingNetworkEnterpriseCenter(NEC).

Recognizing & Avoiding Email Scams:http://www.us-cert.gov/reading_room/emailscams_0905.pdf

Report Phishing Attacks to Your Local Information Assurance Officer and your servicing Network

Enterprise Center (NEC)

Page 4: Beware of Phishing Scams

User Awareness•Mostphishingattemptsareforidentitytheft,butphishingisalsobeingusedtogainaccesstoonlinebanking,federal,andDoDinformation

• PhishingAttackscanbegearedtocollectpersonalinformationsuchas:SSN,mother’smaidenname,dateofbirth,passwords,creditcardnumbers,etc.

• Phishingemailsnotonlyattempttotrickyouintogivingoutsensitiveinformation,butalsocanincludemalicioussoftware

•MalicioussoftwarecanbevirusesandothercomputercodedesignedtoallowahackertouseyourcomputerforillegalInternetactivity,ortoaccessyourunit’snetworktogatherDoDinformation

•Maliciouscodemaycaptureyourkeystrokesorcaptureyourpersonalandworkfilesandsendthemtopeoplewithoutyourknowledge

How Phishing Works

Protect Yourself and Your Organization

DO

• Watchoutforphishing

• Deletesuspiciousemails

• ContactyourInformationAssuranceOfficeroryourservicingNetworkEnterpriseCenter(NEC)ifyouhavequestionsaboutemails

• Reportanypotentialincidents

DO NOT • Opensuspiciousemails

• Clickonsuspiciouslinksinemailsorpop-upwindows

• Calltelephonenumbersprovidedinsuspiciousemails

• Discloseanyinformation

Page 5: Beware of Phishing Scams

User Awareness•Mostphishingattemptsareforidentitytheft,butphishingisalsobeingusedtogainaccesstoonlinebanking,federal,andDoDinformation

• PhishingAttackscanbegearedtocollectpersonalinformationsuchas:SSN,mother’smaidenname,dateofbirth,passwords,creditcardnumbers,etc.

• Phishingemailsnotonlyattempttotrickyouintogivingoutsensitiveinformation,butalsocanincludemalicioussoftware

•MalicioussoftwarecanbevirusesandothercomputercodedesignedtoallowahackertouseyourcomputerforillegalInternetactivity,ortoaccessyourunit’snetworktogatherDoDinformation

•Maliciouscodemaycaptureyourkeystrokesorcaptureyourpersonalandworkfilesandsendthemtopeoplewithoutyourknowledge

How Phishing Works

Protect Yourself and Your Organization

DO

• Watchoutforphishing

• Deletesuspiciousemails

• ContactyourInformationAssuranceOfficeroryourservicingNetworkEnterpriseCenter(NEC)ifyouhavequestionsaboutemails

• Reportanypotentialincidents

DO NOT • Opensuspiciousemails

• Clickonsuspiciouslinksinemailsorpop-upwindows

• Calltelephonenumbersprovidedinsuspiciousemails

• Discloseanyinformation

Page 6: Beware of Phishing Scams

User Awareness•Mostphishingattemptsareforidentitytheft,butphishingisalsobeingusedtogainaccesstoonlinebanking,federal,andDoDinformation

• PhishingAttackscanbegearedtocollectpersonalinformationsuchas:SSN,mother’smaidenname,dateofbirth,passwords,creditcardnumbers,etc.

• Phishingemailsnotonlyattempttotrickyouintogivingoutsensitiveinformation,butalsocanincludemalicioussoftware

•MalicioussoftwarecanbevirusesandothercomputercodedesignedtoallowahackertouseyourcomputerforillegalInternetactivity,ortoaccessyourunit’snetworktogatherDoDinformation

•Maliciouscodemaycaptureyourkeystrokesorcaptureyourpersonalandworkfilesandsendthemtopeoplewithoutyourknowledge

How Phishing Works

Protect Yourself and Your Organization

DO

• Watchoutforphishing

• Deletesuspiciousemails

• ContactyourInformationAssuranceOfficeroryourservicingNetworkEnterpriseCenter(NEC)ifyouhavequestionsaboutemails

• Reportanypotentialincidents

DO NOT • Opensuspiciousemails

• Clickonsuspiciouslinksinemailsorpop-upwindows

• Calltelephonenumbersprovidedinsuspiciousemails

• Discloseanyinformation

Page 7: Beware of Phishing Scams

SUSPICIOUS ACTIVITY REPORTING

Why Phishing Works

•Weareeasilyenticed—wetrustknownbrands/logos

•Lackofusereducationandawareness

•LackofInformationAssuranceknowledgeandwarningindicators

•Visuallydeceptivetext

•Imagemasking

•ImagemimickingWindows

What is Phishing?Phishingisanattemptbyanindividualorgrouptosolicitpersonalinformationfromunsuspectingusersbyemployingsocialengineeringtechniques(i.e.,manipulatingpeopleintoperformingactionsordivulgingconfidentialinformation).Phishingemailsarecraftedtoappearasiftheyweresentfromalegitimateorganizationorknownindividual.Theseemailsoftenattempttoattractuserstoclickonalinkthatwilltaketheusertoafraudulentwebsitethatappearslegitimate.Theuserthenmaybeaskedtoprovidepersonalinformation,suchasaccountusernamesandpasswordsthatcanfurtherexposethem,theirnetwork,andtheirunittofuturecompromises.

Inordertofullyunderstandphishingandhowitcanimpactyouandyourunit,youshouldbeawarethattherearedifferenttypesofphishing:

Phishingisusuallyane-mailsenttoalargegroupofpeoplethatattemptstoscamtherecipients.Thepeoplethemessageissenttooftendonothaveanythingincommon.

Spear phishingisamessagesenttoasmaller,moreselectgroupoftargetedpeopleortoasingleindividual.

Whaling or whale phishingisahighlypersonalizedmessagesenttoseniorexecutives,high-levelofficials,ortheirpersonalexecutivestaffmembers.

Help! I think I’ve been

Phished!Anti Phishing Quick Reaction Drill

• Changeyourpasswordimmediatelyattherealwebsite:

• Typethewebsitenameinyourbrowser’saddressbar.

• Signintoyouraccountandclickthe“userprofile”or“changepassword”link.

• Followthewebsite’sinstructionstochangeyouraccountinformationandpassword.

• Clickthe“contactus”linkfoundonmostwebsitesandinformthemaboutthephishingattackyoujustexperienced.

• Ifyouareusingagovernmentcomputer,contactyourlocalInformationAssuranceOfficerandservicingNetworkEnterpriseCenter(NEC).

Recognizing & Avoiding Email Scams:http://www.us-cert.gov/reading_room/emailscams_0905.pdf

Report Phishing Attacks to Your Local Information Assurance Officer and your servicing Network

Enterprise Center (NEC)


Fraudes y timos tarjeta y prestamos de Cetelem « Fraudes Online en Internet – fishing – Phishing – Scams

BEWARE OF SCAMS - 1MinuteSitetutz1983.oneminutesite.it/files/18-THE SECRET OF NEOBUX.pdfBEWARE OF SCAMS Legit copies of THE ... review our guide "Neobux for beginners". In the world

At School & On-Line: Helping Students Avoid Security ......Phishing, Pharming & Email Scams • "Phishing” - elicits secure information through an e-mail message that appears to

Customer Education for Fraud Web, Phone & Mobile · Beware of Phishing Emails What is Phishing? Phishing is a form of fraud in which the attacker tries to learn information such as

May 2017 Consumer Alert Beware of Tech Scams · Consumer Alert Beware of Tech Scams What to Look Out For A scam artist posing as a tech support person will often attempt to gain access

Protecting Organizations from Phishing Scams, RSA Webinar on Sep 2010

Protecting Organizations from Phishing Scams, for RSA Webinar in Sep2010

Beware of BAIT! · Beware of BAIT! How to Spot a Phishing Scam “Phishing” emails attempt to trick people into sharing information that helps criminals access an organization’s

COMBATTING MODERN EMAIL PHISHING ATTACKS · 2016-11-07 · Combatting modern email phishing attacks More effective than traditional phishing scams, spear-phishing attacks are carefully

Phishing Scams

Consumer Alert - Beware of Tech Scams Alert Beware of Tech Scams. What to Look Out For. A scam artist posing as a tech support person will often attempt to gain access to the unwary

Recognize phishing scams

Friendly Advice on Privacy, Phishing, Scams and SPAM

COVID-19 (Coronavirus) Phishing Scams · sending phishing emails that look like legitimate awareness training or refunds for event cancellations. Falling for one of these malicious

Today’s Agenda… Knowledge Check What is Cyber Crime? Identity Theft Phishing Common Scams inc. online and mobile phone scams Prevention Methods

Choose Trusted Moving Service and Beware of Moving and Packing Scams

Build a Secure Cyberspace 2019 “Phishing scams? No more ... · Information Security from Risk Management and Design Build a Secure Cyberspace 2019 “Phishing scams? No more!”

Why Do Some People Fall for Phishing Scams and What Do I Do About it?

Season’s Cheatings: Beware of Holiday Scams...Season’s Cheatings: Beware of Holiday Scams – An AARP Vermont Survey of Adults 18+ 5 Q6. In the past 12 months, or since last October,

Living in a World of Hackers, Phishing, Scams and SPAM

New Increased COVID-19 Payment Scams & Cybersecurity Risks · 2020. 4. 17. · Government and Regulatory High-Level Alerts • Phishing Scams -- The U.S. Department of Homeland Security

How Small Businesses Can Prevent Phishing Scams

Protect Yourself From Online Fraudthomasedisonelectric.ca/pdf/whatsnew/Protect-Online-Fraud.pdf · Online Scams and Fraud Recognize It What is Phishing? Phishing is a general term

Fraudulent Email Scams Phishing on-line

The Top 3 Trends in Phishing Right Now · 3 What we’re talking about today Most common phishing trends for 2018: • SSL Certs used in phishing • One-time use URLs • BEC scams/spearphishing

Seven new (and convincing!) phishing scams

Phishing scams in banking ppt

Job Hunters Beware Avoiding Online Job Search Scams

Phishing Scams: 8 Helpful Tips to Keep You Safe

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams

Beware of these job-hunting scams

Beware of Foreclosure Rescue Scams!

How to Recognize and Deal with Phishing Scams€¦ · 2. Anti-Phishing Toolbars Some internet browsers can be fitted with anti-phishing toolbars that run checks on sites before they

Freud and Phishing: The Psychology Behind Internet Scams

Scholarship Scams Avoiding Scholarship Scams, Phishing & Identity Theft at All Cost