Getting Phished
December 2018
From advance-fee scams to spoofed email addresses, phishing has long been the go-to attack in the social engineer’s playbook. In this month’s issue, we cover why phishing works via a real-life example, and highlight the obvious signs of an attack with a phishing identification checklist. From there, we cover the perils of ransomware attacks, which have surged in 2018, and wrap things up by illustrating how organizations can defend against the ever-dangerous Advanced Persistent Threats.
- Name three signs of a phishing email. (Bad grammar/spelling, unrealistic offers, threatening language, a sense of urgency, unexpected attachment, a call-to-action, unrecognizable address)
- True or False: if an email comes from someone you know, there’s no way it’s a phishing attack. (False)
- With one wrong click, this type of attack could lock up our entire organization’s networks. (Ransomware)
- Never allowing someone else to use your credentials for any reason is an example of what? (Respecting privileged access)
- By always doing this, you help strengthen our organization’s security posture and prevent unnecessary risks. (Following policy)