Phishing Awareness

What is Phishing?

Phishing Is A Fake Email

The long definition is that phishing is the act of attempting to acquire information such as usernames and passwords by masquerading as a trustworthy entity in an electronic communication.

Is Phishing A Threat?

29%of security breaches involve social tactics, such as phishing

Source: 2013 Verizon Data Breach Investigations Report

71%

Phishing Is The Most Used Social Tactic

91% of targeted attacks use spear-phishing emails.

Spear-Phishing is when detailed information about the recipient, company or others is used to make the email look more credible.

And It’s Getting Worse

Phishing Is On The Rise

The total number of phishing attacksincreased 59 percentfrom 2011 to 2012

In 2012-2013, 37.3 million users worldwide were subjected tophishing.

Phishing In The News

A single victim of a phishing attack can impact on millions.

The attack on the AP Twitter Account has a serious impact on the stock market.

Impact of the attack on the stock market

No Company Is Immune!Even security companies can fall victim.

What Can You Do?

1. Know the signs of a phishing attack

2. Report phishing attacks

1. Generic greeting

2. Invokes fear

1

2

3. Requires action3

4. Threating language4

55. Grammar Issues

Common Phishing Traits

6. Generic Closing6

DO hover over links verify its location

DO NOT click on unknown links

DO report the suspected attack

DO NOT reply to suspicious requests

4

What To Do

There’s More:DO NOT rely on the “from” and “reply to” email addresses as these can be faked

BE SUCPSIOUS of unsolicited attachments

CONFIRM information out of band. That is, contact the sender on a known line, email, website, or other method.

DO NOT use information in the email.

Phishing attacks are only limited to the creativity of the attacker.

When In Doubt, Ask Your Security Office.DO NOT CLICK, RESPOND, OR DOWNLOAD!