SEARCH

Lots of phishing going on: Stop, think, click

How do you stop phishers? Look for these clues. Click to enlarge.
How do you stop phishers? Look for these clues. Click to enlarge.

OK, you’ve heard it over and over…don’t click on unknown links. Well, people, even smart people, don’t listen. You get an email from someone that you know, click on what is said to be a “secure” link and your adventure begins.

googledocs - Secure Login
Here’s the bait. It looks official. People click and type in their password, giving their email account and contacts to hackers.

Now the phisher has you lured in. You’re asked to sign in. A nasty bot takes control of your computer, steals your contact list and sends everyone on your list an invitation to become infected.

Recommendations:

    • Look at the illustration at the top of this email. Be aware.
    • Do not follow unsolicited web links in email messages or submit any email account or password information to unknown webpages in links.
    • Use caution when opening email attachments. Refer to Using Caution with Email Attachments for more information on safely handling email attachments.
    • Maintain up-to-date anti-virus software.
    • Perform regular backups of all systems to limit the impact of data and/or system loss.
    • Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity.
    • Secure open-share drives by only allowing connections from authorized users.
    • Keep your operating system and software up-to-date with the latest patches.
    • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
    • Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

US-CERT and DHS encourage users and administrators experiencing a ransomware infection NOT to respond to extortion attempts by attempting payment and instead to report the incident to the FBI at the Internet Crime Complaint Center (IC3).

Here are some free resources to see if your computer is infected (from STOP. THINK. CONNECT.™  the global cybersecurity awareness campaign to help all digital citizens stay safer and more secure online. – See more at: http://www.stopthinkconnect.org/)

For more tips about cybersecurity, check out the following non-technical publications: