How to Spot and Combat a Phishing Attack Webinar
|
|
- Annabelle Bond
- 8 years ago
- Views:
Transcription
1 How to Spot and Combat a Phishing Attack Webinar October 20 th, 2015 Kevin Patel Sr Director of Information Security, Compliance & IT Risk Mgmt kpatel@controlscan.com
2 Agenda 1) National Cyber Security Awareness Month (NCSAM) overview 2) Phishing overview 3) By the numbers - phishing stats 4) Which phishing tactics are on the rise and old tactics that are still working today 5) Anatomy of a phishing 6) Sample phishing s can you spot the phish? 7) What to do if an appears to be a phishing attempt 8) So why should I care about phishing? 9) Online phishing resources 10) Q&A ControlScan
3 National Cyber Security Awareness Month (NCSAM) NCSAM is celebrated every October 2015 marks NCSAM 12 th year A collaborative initiative between the government and industry to promote online safety awareness Primary goal of NCSAM is to educate people about the risks of cybersecurity and provide resources to stay safe and secure online. ControlScan supports NCSAM and is a champion this year joining a growing global effort of 400+ colleges and universities, businesses, government agencies, associations and non-profit organizations ControlScan
4 They Didn t Avoid the Bait Majority of all the major data breaches over the past few years have what in common? PHISHING was the initial point of entry The following companies fell for sophisticated phishing attacks: Target million records compromised Anthem 78.8 million records JPMC 83 million records breached Sony 102 million records South Carolina DOR 8 million records ControlScan
5 So What is Phishing? Phishing is a fraudulent attempt (a type of spam) which is usually made through to steal your personal/sensitive information. Phishing is a psychological attack used by cybercriminals to trick you into giving up information or taking an action such as clicking on a link, opening an attachment, or responding to a scam. Phishing is a common form of social engineering and has become the preferred method for cybercriminals. The bad guys spoof legitimate companies and brands that the recipient may be familiar with. Image Source: SANS ControlScan
6 So What is Phishing? (cont.) Spear Phishing Sophisticated highly targeted phishing scam aimed at specific individuals or groups within an organization (i.e. C-Suite, Accounting, HR or IT) with the sole purpose of obtaining unauthorized access to sensitive data. Most popular form of phishing and on the rise. High-profile individuals are targeted, which is why its referred to as whaling. Spear Phishing makes use of information about a target to make attacks more specific and targeted. Hackers do their research! Intent remains the same - to steal intellectual property, financial data, trade or military secrets and other confidential data. Vishing A form of social engineering similar to phishing but occurs over the phone primarily using automated voice systems. Instead of sending an , you receive a call on your home phone or mobile device, claiming to be from your bank or another institution you trust, and will request you share sensitive info. SMiShing Accomplished through text messages (SMS) via a cell phone or mobile device by asking you to call a particular number to gain sensitive information or click on a link that could contain malicious code. ControlScan
7 Why is Phishing So Popular with Hackers? Phishing is a top hacker technique since it is usually the path of least resistance for the bad guys to get the sensitive data they want without being detected. Phishing is the No. 1 method to gain unauthorized access and steal data since the bad guys like to take advantage of human error. ControlScan
8 What do the Cybercriminals want? Protected Health Information (PHI) ControlScan
9 Top 3 Ways to get Phished ControlScan
10 By the Numbers - Phishing Stats Data/Image Sources: 1. Lireo Designs - The State of Phishing 2. Kaspersky Labs - The Evolution of Phishing Attacks: APWG - Global Phishing Survey: Trends and Domain Names Use in 1H ControlScan
11 By the Numbers - Phishing Stats (cont.) Data/Image Sources: 1. Kaspersky Labs - The Evolution of Phishing Attacks: APWG - Global Phishing Survey: Trends and Domain Names Use in 1H HP - State of Network Security, August 2014 ControlScan
12 Anatomy of a Phishing In order for you to successfully identify and combat phishing s we must first understand the anatomy of the . To deceive recipients into divulging sensitive information, cybercriminals will use a variety of tactics such as: Image Source: ControlScan
13 Sample Phishing Can you spot the phish? Source: ControlScan
14 Sample Phishing Can you spot the phish? Source: ControlScan
15 Sample Phishing Can you spot the phish? Source: ControlScan
16 Phishing Indicators Can you spot the phish? Sent from someone's personal account Generic greeting Grammar and spelling mistakes Requires immediate action and creates a sense of urgency Malicious Link mouse over to verify link Generic sender lack of contact info Suspicious attachment Source: SANS Don t Get Hooked Poster ControlScan
17 Sample Phishing Website Can you spot the phish? Source: ControlScan
18 Sample Phishing Website Can you spot the phish? Source: ControlScan
19 Phishing Checklist Don t believe everything you see If it sounds to good to be true it usually is. No, you didn t just win a $1,000 gift card. Beware of threatening language or invoking a sense of urgency Analyze the greeting generic salutation Dear Customer use is a tell-tale sign Look but do NOT click mouse over links, avoid URLs signs Be suspicious of attachments i.e..exe,.com,.pif,.bat,.msi,.scr,.zip,.vbs Requests personal information - Do NOT share personal/sensitive information Check for mistakes in spelling and grammar most organizations proofread Review the signature generic and lack of detail or contact info Source: ControlScan
20 What to do if you receive a Phishing ? Report It & Delete It You should report suspected phishing s to your local IT support staff or security team immediately Notify the company, bank, or organization impersonated by the phishing . Many large companies provide directions on there websites on how to report phishing. FTC: Forward phishing s to spam@uce.gov APWG: Forward the suspected phishing to reportphishing@apwg.org US-CERT: Report phishing s and sites Forward phishing s to US-CERT phishing-report@us-cert.gov **Remember to include the full header when reporting phishing s ControlScan
21 So Why Should I Care About Phishing? We are the first line of defense in successfully detecting and stopping phishing attacks We are all phishing targets both at work and at home Hackers take advantage of the human factor (potential for human error) by enticing you to click or download. The bad guys know that careless or untrained employees are the quickest and easiest way to circumvent even the best security controls. Hackers want your personal and financial information, access to your accounts and your devices. If it has value on the black-market the hackers want it! Its that simple ControlScan
22 Online Phishing Resources CRI Cyber Security Awareness - Phishing Video: ControlScan
23 Q&A Remember all it takes is ONE click to become a victim of phishing When in doubt DELETE ControlScan
Information Security Field Guide to Identifying Phishing and Scams
Information Security Field Guide to Identifying Phishing and Scams 010001010100101010001010011010101010101010101 01000101010011010010100101001010 1 Contents Introduction Phishing Spear Phishing Scams Reporting
More informationDEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000
DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, D.C. 20301-6000 CHIEF INFORMATION OFFICER October 1, 2015 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOINT CHIEFS OF
More informationRecognizing Spam. IT Computer Technical Support Newsletter
IT Computer Technical Support Newsletter March 23, 2015 Vol.1, No.22 Recognizing Spam Spam messages are messages that are unwanted. If you have received an e-mail from the Internal Revenue Service or the
More informationHow to Identify Phishing E-Mails
How to Identify Phishing E-Mails How to recognize fraudulent emails and avoid being phished. Presented by : Miguel Fra, Falcon IT Services (miguel@falconitservices.com) http://www.falconitservices.com
More informationShield Your Business - Combat Phishing Attacks. A Phishnix White Paper
A Phishnix White Paper Shield Your Business - Combat Phishing Attacks Aujas Information Risk Services 19925 Steven s Creek Blvd, Suite 100, Cupertino, CA 95014-2358 Phone: 1.855.PHISHNX Fax : +1 408 973
More informationAdvice about online security
Advice about online security May 2013 Contents Report a suspicious email or website... 3 Security advice... 5 Genuine DWP contacts... 8 Recognising and reporting phishing and bogus emails... 9 How DWP
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More informationWhite paper. Phishing, Vishing and Smishing: Old Threats Present New Risks
White paper Phishing, Vishing and Smishing: Old Threats Present New Risks How much do you really know about phishing, vishing and smishing? Phishing, vishing, and smishing are not new threats. They have
More informationDON T BE FOOLED BY EMAIL SPAM FREE GUIDE. Provided by: Don t Be Fooled by Spam E-Mail FREE GUIDE. December 2014 Oliver James Enterprise
Provided by: December 2014 Oliver James Enterprise DON T BE FOOLED BY EMAIL SPAM FREE GUIDE 1 This guide will teach you: How to spot fraudulent and spam e-mails How spammers obtain your email address How
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationDon t Fall Victim to Cybercrime:
Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security
More informationCyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined?
Cyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined? PRESENTED BY RICK SHAW, AWAREITY Webinar Objectives Employees (and third parties) are the weakest links Learn
More informationTips for Banking Online Safely
If proper attention is given to safety and security, banking and monetary activities can be completed online in a convenient and effective fashion. This guide helps to establish procedures for remaining
More informationConducting an Email Phishing Campaign
Conducting an Email Phishing Campaign WMISACA/Lansing IIA Joint Seminar May 26, 2016 William J. Papanikolas, CISA, CFSA Sparrow Health System Estimated cost of cybercrime to the world economy in 2015 was
More informationThe Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015
The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table
More informationCyber Crime: You Are the Target
Cyber Crime: You Are the Target When talking about computer crime, we often hear the observation from computer users that they aren t rich and therefore what they have isn t worth much to a cyber criminal.
More informationAvoid completing forms in email messages that ask for personal financial information.
INTERNET FRAUD Online scams and viruses are constantly evolving and they threaten the security of computers worldwide. As criminals evolve their tactics, you need to keep your PC's security software (virus
More informationAnti-Phishing Best Practices for ISPs and Mailbox Providers
Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing
More informationFRAUD ALERT THESE SCAMS CAN COST YOU MONEY
FRAUD ALERT THESE SCAMS CAN COST YOU MONEY Phishing spear phishing vishing smishing debit card skimming fake check scams THE COMMON SENSE PRECAUTIONS INSIDE CAN KEEP YOU SAFE! SCHEMES SCAMS FRAUDS Criminals
More informationJanuary 2011 Report #49. The following trends are highlighted in the January 2011 report:
January 2011 Report #49 Spam made up 81.69% of all messages in December, compared with 84.31% in November. The consistent drop in spam made us wonder, did spammers take a holiday break? Global spam volume
More informationHow To Help Protect Yourself From Identity Theft
How To Help Protect Yourself From Identity Theft January 20, 2015 Bryan Strong Senior Vice President and Director Information Security This complimentary interactive webinar is sponsored by Zions Bank
More informationProtect Yourself. Who is asking? What information are they asking for? Why do they need it?
Protect Yourself Your home computer serves many purposes: email, shopping, social networking and more. As you surf the Internet, you should be aware of the various ways to protect yourself. Of primary
More informationReport. Phishing Deceives the Masses: Lessons Learned from a Global Assessment
Phishing Deceives the Masses: Lessons Learned from a Global Assessment Table of Contents Executive Summary...3 Phishing Preys on the Uninformed...4 Introducing the McAfee Phishing Quiz....5 Lessons Learned...5
More informationProtecting your business from fraud
Protecting your business from fraud KEY TAKEAWAYS > Understand the most common types of fraud and how to identify them. > What to do if you uncover fraudulent activity or suspect you are a victim of fraud.
More informationOIG Fraud Alert Phishing
U.S. EQUAL EMPLOYMENT OPPORTUNITY COMMISSION Washington, D.C. 20507 Office of Inspector General Aletha L. Brown Inspector General July 22, 2005 OIG Fraud Alert Phishing What is Phishing? Phishing is a
More informationScams and Schemes LESSON PLAN UNIT 1. Essential Question What is identity theft, and how can you protect yourself from it?
LESSON PLAN Scams and Schemes Essential Question What is identity theft, and how can you protect yourself from it? Lesson Overview Students learn strategies for guarding against identity theft and scams
More informationUW-Madison. Tips to Avoid Phishing Scams
UW-Madison Tips to Avoid Phishing Scams What is phishing? Phishing is the use of fraudulent email, websites, text messages and phone calls to trick people into disclosing personal financial or identity
More informationEmail Expanded Header: Viewing in Microsoft Outlook
Email Expanded Header: Viewing in Microsoft Outlook Figure 1: Default Shown Header in an Outlook 2003 E-mail Message The Internet header of an e-mail message can have twenty lines or more showing all kinds
More informationSpear Phishing Attacks Why They are Successful and How to Stop Them
White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear
More informationPhishing Scams Security Update Best Practices for General User
Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to
More informationCyber Security Survival Guide
Cyber Security Survival Guide 1 Table of Contents First State Bank of Bedias... 4 What is Corporate Account Takeover?... 4 Corporate Account Takeover Awareness and Prevention... 5 Fraud Tactics... 5 Dumpster
More informationOnline Cash Manager Security Guide
Online Cash Manager Security Guide You re the One who can protect your business from the threat of a Corporate Account Takeover. 102 South Clinton Street Iowa City, IA 52240 1-800-247-4418 Version 1.0
More informationSECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal
WHITE PAPER SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM Why Automated Analysis Tools are not Created Equal SECURITY REIMAGINED CONTENTS Executive Summary...3 Introduction: The Rise
More informationKaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking
Kaspersky Fraud Prevention: a Comprehensive Protection Solution for Online and Mobile Banking Today s bank customers can perform most of their financial activities online. According to a global survey
More informationPhishing Past, Present and Future
White Paper Phishing Past, Present and Future By Theodore Green, President, SpamStopsHere.com Abstract A particularly dangerous and now common type of spam known as "Phishing attempts to trick recipients
More informationMalware & Botnets. Botnets
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
More informationProtection from Fraud and Identity Theft
Table of Contents Protection from Fraud & Identity Theft... 1 Simple Steps to Secure Your Devices... 1 Setting Up Your Computer and/or Mobile Device... 2 Adding Security Software... 2 Internet Safety Tips...
More informationProtect yourself online
Protect yourself online Advice from Nottinghamshire Police s Pre Crime Unit Get daily updates: www.nottinghamshire.police.uk www.twitter.com/nottspolice www.facebook.com/nottspolice www.youtube.com/nottinghampolice
More informationEvaluating DMARC Effectiveness for the Financial Services Industry
Evaluating DMARC Effectiveness for the Financial Services Industry by Robert Holmes General Manager, Email Fraud Protection Return Path Executive Summary Email spoofing steadily increases annually. DMARC
More informationCyber Security Breakout Session. Ed Rosenberg, Vice President & Chief Security Officer, BMO Financial Group Legal, Corporate & Compliance Group
Cyber Security Breakout Session Ed Rosenberg, Vice President & Chief Security Officer, BMO Financial Group Legal, Corporate & Compliance Group December 2014 Disclaimer: The material in this presentation
More informationWhen registering on a jobsite, first ensure that the site is reputable and has a physical address and landline phone number.
Job searching online has become the most popular method of finding employment. Searching for the type of job you want is fast and easy, and you can see new jobs as soon as employers / agencies post them.
More informationDecember 2010 Report #48
December 2010 Report #48 With the holidays in full gear, Symantec observed an increase of 30 percent in the product spam category as spammers try to push Christmas gifts and other products. While the increase
More informationSocial Media and Cyber Safety
Social Media and Cyber Safety Presented to the National Association of REALTORS by Andrew Wooten Safety and Security Consultant andrew@justbesafe.com Social Media and Cyber Safety Our instructor today
More informationLearning to Detect Spam and Phishing Emails Page 1 of 6
Page 1 of 6 Email provides us a powerful communication tool. Unfortunately, it also provides scammers an easy means for luring potential victims. The scams they attempt run from old-fashioned bait-and-switch
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationINFOCOMM SEC RITY. is INCOMPLETE WITHOUT. Be aware, responsible. secure!
INFOCOMM SEC RITY is INCOMPLETE WITHOUT Be aware, responsible secure! U HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD FASTEN UP!
More informationBad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads
Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams May 2014 TrustInAds.org Keeping people safe from bad online ads OVERVIEW Today, even the most tech savvy individuals can find themselves
More informationCredit Card Fraud Training
Credit Card Fraud Training Lesson Plan A Consumer Action Publication Consumer Action created this project in partnership with Chase 2009 Consumer Action Credit Card Fraud Training Lesson Plan (For the
More informationFraud Trends. HSBCnet Online Security Controls PUBLIC
Fraud Trends HSBCnet Online Security Controls العربیة 文 En français En Español 繁 體 中 文 简 体 中 Contents Types of Fraud Malware Attacks Business E-mail Compromise Voice Phishing ( Vishing ) Short Message
More informationThe Pennsylvania Lawyer May June 2012
20 The Pennsylvania Lawyer May June 2012 How to Avoid Becoming a Victim of Phishing Be aware that scammers often use fake IRS notices or requests as bait By Phyllis Horn Epstein Cybercrime is the evil
More informationThe following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015.
The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015. By completing this module and the quiz, you will receive credit for CW 170, which is required
More informationOCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875
OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,
More informationPhishing for Fraud: Don't Let your Company Get Hooked!
Phishing for Fraud: Don't Let your Company Get Hooked! March 2009 Approved for 1 CTP/CCM recertification credit by the Association for Financial Professionals 1 Today s Speakers: Joe Potuzak is Senior
More informationCYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE 12/16/2015. December 17, 2015
12/16/2015 CYBERSECURITY FRAUD LOSS ISSUES & HOW TO ADDRESS RISKS IN TODAY'S INSURANCE MARKETPLACE December 17, 2015 Angela R. Morelock, CPA, CFE, CFF, ABV Partner, BKD, LLP amorelock@bkd.com Jeff Eiserman
More informationWHITEPAPER. V12 Group www.v12groupinc.com 141 West Front Street, Suite 410 Red Bank, NJ 07701 info@v12groupinc.com 1.866.842.1001
WHITEPAPER Phishing Facts for Email Marketers: Understanding the phishing factor impact on your email programs. Email phishing attacks are destructive for everyone, it s not just the brands (and their
More informationAdvanced Security Methods for efraud and Messaging
Advanced Security Methods for efraud and Messaging Company Overview Offices: New York, Singapore, London, Tokyo & Sydney Specialization: Leader in the Messaging Intelligence space Market focus: Enterprise,
More informationGuide to Preventing Social Engineering Fraud
Guide to Preventing Social Engineering Fraud GUIDE TO PREVENTING SOCIAL ENGINEERING FRAUD CONTENTS Social Engineering Fraud Fundamentals and Fraud Strategies... 4 The Psychology of Social Engineering (And
More informationHot Topics in IT Security PREP#28 May 1, 2014. David Woska, Ph.D. OCIO Security
Hot Topics in IT Security PREP#28 May 1, 2014 David Woska, Ph.D. OCIO Security CME Disclosure Statement The North Shore LIJ Health System adheres to the ACCME s new Standards for Commercial Support. Any
More informationCybersecurity: A Growing Concern for All Businesses. RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015
Cybersecurity: A Growing Concern for All Businesses RLI Design Professionals Design Professionals Learning Event DPLE 160 October 7, 2015 RLI Design Professionals is a Registered Provider with The American
More informationPROTECT YOUR COMPUTER AND YOUR PRIVACY!
PROTECT YOUR COMPUTER AND YOUR PRIVACY! Fraud comes in many shapes simple: the loss of both money protecting your computer and Take action and get peace of and sizes, but the outcome is and time. That
More informationecommercial SAT ecommercial Security Awareness Training Version 3.0
ecommercial SAT ecommercial Security Awareness Training Version 3.0 Welcome The goal of this training course is to provide you with the information needed to assist in keeping your online banking account
More informationNot-For-Profit Finance Forum Westpac New Zealand Limited
Not-For-Profit Finance Forum Westpac New Zealand Limited Managing Fraud insights from a consumer banking perspective Claire Smollett Investigations Manager - Financial Crime Management Hayley Muong Senior
More informationInfocomm Sec rity is incomplete without U Be aware,
Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN
More informationPersonal. Protecting Yourself in a Digital World
Personal Protecting Yourself in a Digital World 210.229.1128 MyGenFCU.org 1 Identifying Fraud The world is now more connected than any other time in our history. In this era of smartphones, we can text,
More informationRemote Deposit Quick Start Guide
Treasury Management Fraud Prevention How to Protect Your Business Remote Deposit Quick Start Guide What s Inside We re committed to the safety of your company s financial information. We want to make you
More informationSMALL BUSINESS IT SECURITY PRACTICAL GUIDE
SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no
More informationMEASURES TO ENHANCE MARITIME SECURITY. Industry guidelines on cyber security on board ships. Submitted by ICS, BIMCO, INTERTANKO and INTERCARGO
E MARITIME SAFETY COMMITTEE 95th session Agenda item 4 MSC 95/4/1 5 March 2015 Original: ENGLISH MEASURES TO ENHANCE MARITIME SECURITY Industry guidelines on cyber security on board ships Submitted by
More informationhow human behavior and decision making expose users to phishing attacks BY INA WANCA AND ASHLEY CANNON
how human behavior and decision making expose users to phishing attacks BY INA WANCA AND ASHLEY CANNON WHY BEHAVIOR MATTERS IN CYBERSECURITY Cybercriminals use phishing and social engineering to defeat
More informationCyber Security. Securing Your Mobile and Online Banking Transactions
Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet
More informationPREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.
PREP Course #25: Hot Topics in Cyber Security and Database Security Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.edu Objectives Discuss hot topics in cyber security and database
More informationOVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft
OVERVIEW 2 1. Cyber Crime Unit organization 2. Legal framework 3. Identity theft modus operandi 4. How to avoid online identity theft 5. Main challenges for investigation 6. Conclusions ORGANIZATION 3
More informationRC284. Protect Yourself Against Identity Theft
RC284 Protect Yourself Against Identity Theft Identity theft the unauthorized use of your information by third parties involves the collection and use of personal information such as your name, date of
More informationINTERNET SAFETY: VIRUS: a computer program that can copy itself and infect your computer. CAPTCHAS: type the letters to set up an online account
INTERNET SAFETY: VIRUS: a computer program that can copy itself and infect your computer Malware: Harmful software programs designed to damage your computer without you knowing. Spyware: Undetected programs
More informationPractical guide for secure Christmas shopping. Navid
Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security
More information+GAMES. Information Security Advisor. Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains
Information Security Advisor December 2015 Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains +GAMES Spot the insider & Human firewall Filtering EXerCISE Good
More informationSCHEMES SCAMS FRAUDS
FRAUD ALERT! FRAUD ALERT! GUARDING AGAINST INTERNET & MOBILE FRAUD SCHEMES SCAMS FRAUDS & THESE SCAMS CAN COST YOU MONEY: Phishing spear phishing vishing smishing debit card skimming fake check scams THE
More informationTOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY. Mark Villinski @markvillinski
TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY Mark Villinski @markvillinski Why do we have to educate employees about cybersecurity? 2014 Corporate Threats Survey 94% of business s suffered one
More informationTargeted Phishing. Trends and Solutions. The Growth and Payoff of Targeted Phishing
White Paper Targeted Phishing Email is the medium most organizations have come to rely on for communication. Unfortunately, most incoming email is unwanted or even malicious. Today s modern spam-blocking
More informationComputer Security Self-Test: Questions & Scenarios
Computer Security Self-Test: Questions & Scenarios Rev. Sept 2015 Scenario #1: Your supervisor is very busy and asks you to log into the HR Server using her user-id and password to retrieve some reports.
More informationRed Flags in International Payments and Trade. Presented by Paul Warfield and Despina Margiori
Red Flags in International Payments and Trade Presented by Paul Warfield and Despina Margiori Red Flags on International Payments Financial Crimes Enforcement Network (FinCEN) alerts that Criminal organizations
More informationcurrent and previous addresses name/ssn Medical Insurance info UNCLASSIFIED credit info family info phone & fax #
Personal Identifiable Information current and previous addresses name/ssn credit info family info Medical Insurance info professional & personal relationships email address phone & fax # 1 Implications
More informationManagement and Storage of Sensitive Information UH Information Security Team (InfoSec)
Management and Storage of Sensitive Information UH Information Security Team (InfoSec) Who Are We? UH Information Security Team Jodi Ito - Information Security Officer Deanna Pasternak & Taylor Summers
More informationCyber crime. lingua house. 1 Internet crime. Lesson code: 9ZE5-4PDB-KC48 UPPER INTERMEDIATE + Match the following words to their correct definitions:
A A GENERAL ENGLISH Lesson code: 9ZE5-4PDB-KC48 UPPER INTERMEDIATE + 1 Internet crime Match the following words to their correct definitions: 1. hacker a. a computer program which can make copies of itself
More informationTOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY
TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY An Inside Job Cyberthreats to your business are usually blamed on outsiders nefarious programmers writing malicious code designed to pilfer your
More informationRLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123. Cybersecurity: A Growing Concern for Small Businesses
RLI PROFESSIONAL SERVICES GROUP PROFESSIONAL LEARNING EVENT PSGLE 123 Cybersecurity: A Growing Concern for Small Businesses Copyright Materials This presentation is protected by US and International Copyright
More informationCyber Security. Maintaining Your Identity on the Net
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD
More informationIdentity Theft Awareness: Don t Fall Victim to these Common Scams
Identity Theft Awareness: Don t Fall Victim to these Common Scams We want you to understand what identity theft is, how it happens, and how to protect yourself. Please read and familiarize yourself with
More informationErie County has been notified of an active phishing e mail threat targeting government agencies and have received reports of a wellcrafted phishing
Active E mail Phishing Threat from DISS Erie County has been notified of an active phishing e mail threat targeting government agencies and have received reports of a wellcrafted phishing email circulating
More informationManaging Junk Mail. About the Junk Mail Filter
Managing Junk Mail Outlook can filter out certain types of messages and send them to a separate folder to keep your Inbox from being cluttered with junk mail. Outlook can also disable links in suspicious
More informationSMALL BUSINESS IT SECURITY PRACTICAL GUIDE
SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no
More informationImportance: From: Anthem, Inc. Communications Sent: Thursday, February 26, 2015 4:40 PM Subject: Important message from Anthem, Inc.
Importance: High From: Anthem, Inc. Communications Sent: Thursday, February 26, 2015 4:40 PM Subject: Important message from Anthem, Inc. An important message from Anthem, Inc. To Members: On January 29,
More informationCyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community
Cyber Security Solutions for Small Businesses Comparison Report: A Sampling of Cyber Security Solutions Designed for the Small Business Community A Sampling of Cyber Security Solutions Designed for the
More informationTLP WHITE. An introduction to social engineering 1.
An introduction to social engineering 1. Contents Summary... 2 Introduction... 3 Wide scale attacks... 3 Phishing... 3 Baiting... 4 Focusing the attack... 5 Spear phishing... 5 Watering hole attacks...
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationPhoenix Information Technology Services. Julio Cardenas
Phoenix Information Technology Services Julio Cardenas Email spam, also known as junk email or unsolicited bulk email (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous
More informationWith the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.
With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more
More informationCombating Identity Theft: Tips to Reduce Your Cybersecurity Risks. September 16, 2015
Combating Identity Theft: Tips to Reduce Your Cybersecurity Risks September 16, 2015 Current Cyber Threat Cyber criminals are not only targeting businesses, but individuals Stolen personally identifiable
More informationWelcome to this ACT webinar
Welcome to this ACT webinar Cybersecurity: threats and responses 02 June 2015 12.30-13.15 Sponsored BST by Sponsored by Introduction James Lockyer Development Director ACT Interactive widgets Please take
More informationA new fake Citibank phishing scam using advanced techniques to manipulate users into surrendering online banking access has emerged.
A new fake Citibank phishing scam using advanced techniques to manipulate users into surrendering online banking access has emerged. The Citibank scam tricks users into surrendering their online banking
More information