In today’s information age people tend to use more and more electronic services substituting old one, like not going to bank any more, shopping online and do everything from their homes. Yes, this is very convenient but also very dangerous. Every thing would be great if people would be more educated and would not fall for easy phishing attack and stupid spam emails. So I think it is very necessary to include basic IT security knowledge training very early in schools, so they don’t be an easy targets.
The recent theft of millions of a 77 million names, email addresses and other personally identifiable information from Sony, has highlighted two needs: better user education, and new and improved technological solutions for online phishing attacks.
As result these hackers have quite a lot information on individuals and they can craft some really good spear phishing attacks. Since they have very detailed information it’s quite easy. How to prevent not to fall for these spear phishing attacks. It’s quit hard on software level since mallware types are changing very rabidly and every day they figure something new. Users usually are very keen on security and they don’t check if they have newest updates of system and antivirus software’s. And antivirus mostly are useful for old viruses. So only option is to educate users in secure browsing habits.
Here are some suggestions:
- Look Before You Click – they may substitute real link with very similar just by changing one letter
- Never Give Out Sensitive Data – be suspicious if your bank asks you for credentials via email, they usually don’t do it that way
- Be aware of Attachments – don’t click links in emails, and do not open attachment in emails without carefully exploring them
- Use the Phone – use phone to contact email sender if you have suspicions about emails content
So I would advise you all to educate all your friend and friend friends who don’t know much about these things.