{"id":4129,"date":"2019-10-31T16:43:47","date_gmt":"2019-10-31T20:43:47","guid":{"rendered":"http:\/\/blog.valdosta.edu\/it\/?p=4129"},"modified":"2019-11-04T08:31:42","modified_gmt":"2019-11-04T13:31:42","slug":"cybersecurity-awareness-secure-it","status":"publish","type":"post","link":"https:\/\/blog.valdosta.edu\/it\/2019\/10\/31\/cybersecurity-awareness-secure-it\/","title":{"rendered":"Cybersecurity Awareness: Secure IT"},"content":{"rendered":"\n<figure class=\"wp-block-image\"><img loading=\"lazy\" decoding=\"async\" width=\"644\" height=\"227\" src=\"https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB-644x227.jpg\" alt=\"Own, Secure, Protect IT. October 2019 National Cyberscurity Awareness Mont #BeCyberSmart\" class=\"wp-image-4111\" srcset=\"https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB-644x227.jpg 644w, https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB-300x106.jpg 300w, https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB-768x271.jpg 768w, https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB-930x328.jpg 930w, https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB.jpg 1559w\" sizes=\"auto, (max-width: 644px) 100vw, 644px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Navigate the Phishy Social Engineering Ocean<\/h2>\n\n\n\n<p><a href=\"https:\/\/www.sans.org\/security-awareness-training\/\" target=\"_blank\" rel=\"noreferrer noopener\" aria-label=\"Article by: SANS Security Awareness (opens in a new tab)\">Article by: SANS Security Awareness<\/a><\/p>\n\n\n\n<p class=\"has-normal-font-size\">Whether we like it or not, we all\nhave a digital footprint. Information about both our professional and personal\nlives are exposed, floating around the vast cyber ocean. Even if you prefer postal\nmail, telephone conversations, and writing checks, we\u2019re all at risk for\nfalling victim to social engineering attacks.<\/p>\n\n\n\n<p class=\"has-normal-font-size\">The piranhas in the ocean (the\nadversaries) try their best to trick us into sharing confidential, personal\ninformation. And their most common attack vector is via social engineering.\nThis trickery can occur through email, phone, face-to-face, or the stormy web.\nIt makes social engineering a major factor in cyber security awareness and\nprotecting our digital footprint.<\/p>\n\n\n\n<p class=\"has-medium-font-size\"><strong>Navigating the Social Engineering Ocean<\/strong><\/p>\n\n\n\n<p class=\"has-normal-font-size\">Cyber attackers and social engineers\nwill modify their tactics, but there are some common signs to help you\nrecognize an attack. Let\u2019s look at a cyber criminal\u2019s trends and tactics. <\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Phishing<\/strong> \u2013 Using e-mail to trick you into providing sensitive\ninformation, to include a Reply to the original malicious e-mail, clicking on\nbogus links or opening attachments, and entering data.<\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Spear Phishing\u2013<\/strong> These are phishing attempts aimed at specific\ntargets, such as research engineers.<\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Pretexting<\/strong> \u2013 Typically utilized in email, this is a technique\nwhere a fake situation is created using publicly available details on the\ntarget where the information is used for manipulation or impersonation. <\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Scareware<\/strong> \u2013 As the name implies, a frightful pop-up attempting\nyou to type in confidential, personal, and private information in order to\nrectify an infected computer issue.<\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Vishing<\/strong> \u2013 Utilizing the telephone in attempt to trick you\ninto providing valuable, most likely confidential, information. <\/p>\n\n\n\n<p class=\"has-normal-font-size\"><strong>Baiting<\/strong> \u2013 An attempt to hook you in by\noffering goods, such as a free device or gift card.<\/p>\n\n\n\n<p class=\"has-normal-font-size\">According to the <a href=\"https:\/\/enterprise.verizon.com\/resources\/reports\/dbir\/\">2018 Data Breach Investigations Report<\/a>, phishing and pretexting represent 98% of social incidents, and 93% of breaches. Coming in at 96%, <strong>e-mail continues to be the most common vector<\/strong>.<\/p>\n\n\n\n<p class=\"has-normal-font-size\">While their tactics may seem difficult to spot on the surface, here are some common ways to spot and thwart social engineering attempts while navigating the social engineering ocean. They include:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Requests\nor appeals for sensitive, personal information, such as SSN, user IDs,\npasswords, or banking information.<\/li><li>Sending\ncorrespondence that comes with a sense of urgency \u2013 you may be missing out on a\ndeal, service or network shutoff, or even loss of funds. <\/li><li>Unsolicited\ncommunication from a perceived authority, perhaps your bank or utility company.<\/li><\/ul>\n\n\n\n<p class=\"has-normal-font-size\">Remember that social engineers exploit our willingness to provide information and are good at creating a trust relationship. Being able to recognize social engineering attempts is key, especially if that attempt includes the mother lode of social engineering: the phish.<\/p>\n\n\n\n<p class=\"has-normal-font-size\"> So how do we guard against these phishing attacks? Unfortunately, there is no one key tactic or process, but a host of things you can look for. The table below lists ways to help <strong>identify the dangerous phish<\/strong><\/p>\n\n\n\n<table class=\"wp-block-table\"><tbody><tr><td>\n  <strong>DO&#8230;<\/strong><strong><\/strong>\n  <\/td><td>\n  <strong>DO NOT&#8230;<\/strong><strong><\/strong>\n  <\/td><\/tr><tr><td>\n  Check\n  the FROM address, be wary of perceived reputable companies with GMAIL or\n  foreign domains.\n  <\/td><td>\n  Click\n  on any links or attachments unless you have verified that it\u2019s from a trusted\n  source.\n  <\/td><\/tr><tr><td>\n  Mouse\n  over links to see the real destination.\n  <\/td><td>\n  Give\n  out personal or private information.\n  <\/td><\/tr><tr><td>\n  <strong>DO&#8230;<\/strong>\n  <\/td><td>\n  <strong>DO NOT&#8230;<\/strong>\n  <\/td><\/tr><tr><td>\n  Keep\n  anti-virus software up to date.\n  <\/td><td>\n  Enter\n  your username and password information into any portal that you don\u2019t\n  recognize. Navigate directly to the website and log in.\n  <\/td><\/tr><tr><td>\n  Use\n  different passwords for your accounts, and immediately change if you suspect\n  a breach. Consider using a passphrase or implementing multi-factor\n  authentication for added protection.&nbsp; \n  <\/td><td>\n  Click\n  or call listed phone numbers that are included in pop-up ads.\n  <\/td><\/tr><tr><td>\n  Check\n  for URLs that don\u2019t match the website you intend to visit or poor grammar and\n  spelling.\n  <\/td><td>\n  Succumb\n  to phishing messages with offers that seem too good to be true or threats.\n  <\/td><\/tr><\/tbody><\/table>\n\n\n\n<p> <a rel=\"noreferrer noopener\" href=\"http:\/\/www.valdosta.edu\/security\" target=\"_blank\">Visit VSU Division of Information Security website for additional information.<\/a> <br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Navigate the Phishy Social Engineering Ocean Whether we like it or not, we all have a digital footprint. Information about both our professional and personal lives are exposed, floating around the vast cyber ocean. Even if you prefer postal mail, telephone conversations, and writing checks, we\u2019re all at risk for &hellip;<\/p>\n","protected":false},"author":104,"featured_media":4111,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[357,3],"tags":[242,248,370,81],"class_list":["post-4129","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","category-tips","tag-cyber","tag-cybersecurity","tag-information-security","tag-security"],"acf":[],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/blog.valdosta.edu\/it\/wp-content\/uploads\/sites\/19\/2019\/10\/ncsam2019_logoB.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pau9Jr-14B","_links":{"self":[{"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/posts\/4129","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/users\/104"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/comments?post=4129"}],"version-history":[{"count":4,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/posts\/4129\/revisions"}],"predecessor-version":[{"id":4139,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/posts\/4129\/revisions\/4139"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/media\/4111"}],"wp:attachment":[{"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/media?parent=4129"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/categories?post=4129"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.valdosta.edu\/it\/wp-json\/wp\/v2\/tags?post=4129"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}