ZLABS‎ > ‎000 You Start Here‎ > ‎001 SECURITY‎ > ‎001 NETSEC‎ > ‎

Phishing

Updated 07/16/2017


   Once upon a time it was easy to know
   who the "Bad Guys" were.  Using the
   Internet it can be anyone from your local
   neighbor to a Foreign Government to
   organized crime syndicates.

   The secret is thinking before you jump,
   and looking for the tattle tale signs so
   many leave for us indicating a fraud.

   You won't catch all but you can most.


   There is a very informative document, including examples, posted on CSO (Chief
   Security Organization) Magazine with a survey conducted by Diligent covering 2,000
   US internet users to test their security savvy.  76% passed the phishing test but other
   information became evident.  While 76% is a "passing" grade, it means the "Bad Guys"
   are scoring 24% which needs to approach or become ZERO!


   Visit Can You Spot the Phish to improve your ability to stay out of trouble!
   You may need to provide information to access the site... no known problems doing it.

   A WORD OF CAUTION:
   The Bad Guys also are hackers which have been using legitimate websites as a base
   for their fraudulent activities.  The attack starts with a legitimate company's website
   being hacked into to.  The Bad Guys them build a website within the legitimate
   company's website using lengthy URL records with a mixture of letters and numbers
   creating an illusion this belongs to the Operating System of the website or files for an
   application system ... thus no one explores it.  From here the Bad Guys can launch
   their attacks using e-mails promoting anything to entice you to click ANYTHING, as
   most of the e-mail will contain links back to their website.


    One hazard of being a cyber security reporter is that attackers send phishing emails to my
    inbox on a daily basis.
    If you don't believe me, ask the security team at Time Inc., Fortune's parent company.
    Typical correspondence between Time Inc.'s IT security team and me, dated June 21, 2017.
    Truth is, anyone online can be a target for hackers, spies, and cybercriminals. You might not
    think you're that interesting, but the funny thing about networks is that even if you are boring
    (surely, you mustn't be, given that you're a Fortune reader), hackers may still aim to A) profit
    from your misfortune, and B) use you as stepping stone to get at someone else.