image83

Additional Information

Phishing 101

image84

What is Phishing?

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.


The information is then used to access important accounts and can result in identity theft and financial loss.

Definition:

 The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. 

How to Report Phishing:

Step 1. If you got a phishing email, forward it to the FTC at spam@uce.gov and to the Anti-Phishing Working Group at reportphishing@apwg.org. If you got a phishing text message, forward it to SPAM (7726).


Step 2. Report the phishing attack to the FTC at ftc.gov/complaint.

What is Phishing?

Here is a great video that shows a little demonstration on how phishing works. 


Phishing scams are a growing threat on the Internet. By being aware of the scam, — you can feel confident in working with companies online. 

Types of Phishing:

Domain spoofing:

Here the attacker forges the domain of the company, to impersonate its victims. Since the victim receives an email with the same domain name of the company, they believe that it’s from trusted sources, and hence are victimized.

Whaling:

Whaling phishing attack or CEO fraud as the name suggests are targeted on high profile individuals like CEO, CFO, COO or senior executives of a company. 

Vishing:

The fraudsters call on mobile, and ask for personal information, posing themselves as a trust-worthy identity. For e.g. they may pretend to be a bank employee, extract bank account numbers, ATM numbers or passwords, and once you have handed that information, it’s like giving these thieves, access to your accounts and finances. 

SmiShing:

 SMS + Phishing = SmiShing.


Just like Vishing, mode of SmiShing attacks is also related to mobiles. Here the attacker sends a SMS message to the target person, to open a link or an SMS alert. Once they open the fake message or alert, the virus or malware is instantly downloaded in the mobile. In this way, the attacker can get all the desired information stored on your mobile, useful for stealing your money.

Email phishing:

  the victim gets an e-mail from the hacker to check some unknown transactions in their business bank account, with a fake link attached to a site which is almost as good as real. Without thinking for a second, the victim opens the fake link and enters the account details and passwords. That’s it. You are attacked. 

Spear phishing:

Spear phishing is an email attack done by a foe pretending to be your friend. To make their attack successful, these fraudsters invest in a lot of time to gather specific information about their victims; i.e. victim’s name, position in company, his contact information etc.


They later customize their emails, with the gathered information, thus tricking the victim to believe that the email is sent from a trustworthy source.


Fake URL and email links are attached in the email asking for private information. Spear phishing emails are targeted towards individuals as well as companies to steal sensitive information for making millions.


image85

This is a long form text area designed for your content that you can fill up with as many words as your heart desires. You can write articles, long mission statements, company policies, executive profiles, company awards/distinctions, office locations, shareholder reports, whitepapers, media mentions and other pieces of content that don’t fit into a shorter, more succinct space. Articles – Good topics for articles include anything related to your company – recent changes to operations, the latest company softball game – or the industry you’re in. General business trends (think national and even international) are great article fodder, too. Mission statements – You can tell a lot about a company by its mission statement. Don’t have one? Now might be a good time to create one and post it here. A good mission statement tells you what drives a company to do what it does. Company policies – Are there company policies that are particularly important to your business? Perhaps your unlimited paternity/maternity leave policy has endeared you to employees across the company. This is a good place to talk about that. Executive profiles – A company is only as strong as its executive leadership. This is a good place to show off who’s occupying the corner offices. Write a nice bio about each executive that includes what they do, how long they’ve been at it, and what got them to where they are.