Cyber Security Awareness Month - Social Engineering
October is National Cyber Security Awareness Month!
From the recent Equifax data breach to increased incidents of phishing attacks, cybercrime is on the rise and it can affect anyone at CWRU. This week learn about Phishing Attacks.
Social Engineering/Phishing Attacks
Social Engineering occurs when a cyberthief entices you to share your login credentials, bank account or credit card info, SSN or other confidential data, or otherwise perform an action to subvert your security/personal information. Phishing scams are probably the best known kind of social engineering attack.
Don't Be Phooled!
Phishing attacks are on the rise. They are the #1 delivery system for malware and ransomware, most often in attachments or screen pop-ups. Though nearly 80% of people think they're smart enough to spot electronic trickery, up to 30% still click on malicious emails or links.
Commonly seen attacks include:
- Fake invoices
- Fake package delivery notices
- A spoof of CWRU Single Sign-On log-ins
- Hoax sites
- Job scams
[U]Tech's Information Security Office (ISO) provides samples of representative scam emails, available to logged-in users.
Phamiliarize Yourself with How to Avoid Being Victimized
- Be aware that CWRU will never request confidential information through an email.
- You should always sign in to the system through Single Sign-On at login.case.edu.
- Learn about how common attacks look and read.
- Be cautious instead of too trusting. Follow your instincts when something appears suspicious, and never click on an attachment you don't trust.
- Send suspicious emails received in your university account to the [U]Tech Service Desk at firstname.lastname@example.org.
If You've Phallen Victim...
- Take action quickly
- Change your password/other credentials
- Review this article for how to deal with the aftermath: 5 Steps to Take After Clicking on a Phishing Link
Get More Inphormation
To learn more about what to do against phishing, please visit the Information Security Office site.
Finally, a great site to review for phishing protection is provided by the Federal Trade Commission. Visit onguardonline.gov/phishing.
< Previous | Next >