Fight phishing with education

In today’s information age people tend to use more and more electronic services substituting old one, like not going to bank any more, shopping online and do everything from their homes. Yes, this is very convenient but also very dangerous. Every thing would be great if people would be more educated and would not fall for easy phishing attack and stupid spam emails. So I think it is very necessary to include basic IT security knowledge training very early in schools, so they don’t be an easy targets.

The recent theft of millions of a 77 million names, email addresses and other personally identifiable information from Sony, has highlighted two needs: better user education, and new and improved technological solutions for online phishing attacks.

As result these hackers have quite a lot information on individuals and they can craft some really good spear phishing attacks. Since they have very detailed information it’s quite easy. How to prevent not to fall for these spear phishing attacks. It’s quit hard on software level since mallware types are changing very rabidly and every day they figure something new. Users usually are very keen on security and they don’t check if they have newest updates of system and antivirus software’s. And antivirus mostly are useful for old viruses. So only option is to educate users in secure browsing habits.

Here are some suggestions:

  • Look Before You Click – they may substitute real link with very similar just by changing one letter
  • Never Give Out Sensitive Data – be suspicious if your bank asks you for credentials via email, they usually don’t do it that way
  • Be aware of Attachments – don’t click links in emails, and do not open attachment in emails without carefully exploring them
  • Use the Phone – use phone to contact email sender if you have suspicions about emails content

So I would advise you all to educate all your friend and friend friends who don’t know much about these things.

Reference: http://www.securityweek.com/spear-phishing-beyond-common-sense-defense

Advertisements
This entry was posted in IT Security, Week 19. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s