Information Security Awareness Tips on Phishing

Information is power . Information in this digital era can be turned into meaningful data which could impact on users of the technology and business trends worldwide. The world is global village thanks to technological advancements. Our global village is under threat of frequent   cyber-attacks. this has resulted in the need for the globe safe guard and protect personal information.

Due fear of cyber-attack most people have lost trust on the internet. Fear could hinder further adoption of the internet, trust is not simple box-ticking exercise. Trust is a conviction therefore to bring back the trust it requires organizations to instill culture of privacy and to invest in education and awareness.

Today I would love to create awareness on a common cyber attack that everyone should be aware of Phishing

Phishing is the most common type of cyber attack that affects organization all over the world. Phasing attacks can take many forms but they all share a common goal -getting you to share sensitive information such as login credentials, bank account details, credit card details, personal email password details.

Although organization try to maintain controls to help protect their networks and computers from cyber-attacks absolute safety and security cannot be guaranteed

Here are a few different types of Phishing attacks to watch out for;

Spear phishing: spear phishing is a more sophisticated phishing attack that includes customized information that makes the attacker seem like a legitimate source. they may use your name and phone number and refer to an organization name in the email to trick you into thinking that they have a connection to you, making you more likely to click a link attachment that they provide.

Phishing; in this type of attack hackers impersonate a real company to obtain your log in credentials. you may receive an email asking you to verify your account details with a link that takes you to an imposter login screen that delivers your information directly to the attackers

Whaling : whaling is a popular ploy aimed at getting you to transfer money or receive sensitive  information to the an attacker via email by impersonating a real company executive using a fake domain that appears similar to the one you are used to , they look like normal emails from high level officials  of the company  typically from the Chief finance officer(CFO) or Chief executive officer (CEO)  and ask you for sensitive information including usernames and passwords

Shared document phishing.  here you may receive an email that appears to come from file sharing site like drop box or google drive alerting you that a document has been shared with you. the link provided in these emails will take you to a fake login page that mimics the real login page and will steal your account credentials

To avoid these phishing attacks, do the following;

i) Do not lick on links or attachments from senders that you do not recognize. Be especially wary of zip other compressed or executable file type

ii) Do not try to open any shared document that you are not expecting to receive. be especially cautious when opening attachments or clicking links if you receive an email containing a warning banner indicating that it originated from an external source

iii) Lastly do not provide sensitive information like usernames and passwords over email. Watch for emails senders that use suspicious or misleading domain names. inspect URLs carefully to make sure they are legitimate and not imposter site

Thanks for reading this article. Have a fruitful day, won’t you!!!

Leave a Reply

Your email address will not be published. Required fields are marked *