Cybersecurity Awareness Posters - Set #2
- 1. Millions of people are targets of phishing scams each day. Cyber criminals use a variety of tricks to disguise themselves as legitimate companies, your colleagues, and people you would normally trust. Make sure you know who you are really communicating with and be careful of suspicious links. October is National Cyber Security Awareness Month. For more information and tips to stay safe online, visit: https://www.dhs.gov/ncsam Doessomething seem“phishy”toyou?
- 2. How to Spot a Phishing Scam Generic subject line Legitimate emails usually have detailed subject lines. A vague subject line can be a key indicator of a phishing scam. Suspicious URL Hover over links included in emails to see the actual destination of the URL. Bad grammar/spelling Phishing emails often contain misspelled words and bad grammar. This is a sign that the email did not come from a professional organization or a real person you may know. Dear Webmail User, You are required to authenticate your account below to continue sending and receive messages. We strongly advice you to upgrade now to protect your web/Domain and avoid termination. Follow link to verify your email address immediately: www.security.webmail.com. Failure to update might process your account as inactive, and you may experience termination of services or undue errors. Please comply with new server requirements and read through the attached privacy policy. Wondering why you go this email? This email was sent automatically during routine security checks. We are trying to protect your account so you can continue using services uninterrupted. Thanks, Webmail Master ©2017 Webmail Domain Subject: Urgent Email From: Webmail Master Security (webmastersecurity@webmail.com) Improper use of copyright Watch for improper use of copyright information. This is used to make the phishing email look official. Unnecessary urgency Use your intuition and if something 'feels' wrong, consider calling the organization or office directly to validate the email. Types of Social Engineering Online communications or emails designed to lure individuals into providing sensitive information. Tip: When in doubt, throw it out. If an email looks suspicious, contact the organization/individual directly to validate the legitimacy of the email. You can also report the email to your email provider’s IT Security department. An act of wrongfully obtaining and using another person’s information that involves fraud or deception. Tip: Be diligent before posting personal information online and think carefully before sharing information through apps and websites. Identity Theft:Phishing: A type of malware that prevents or limits users from accessing their system or select files, unless a ransom is paid to restore access. Tip: Be proactive and protect against data loss by backing up your files and keeping them safe on a physical, external storage device. Ransomware: For more information and tips to stay safe online throughout the year, visit: https://www.dhs.gov/ncsam Cyber crime is a critical threat with social engineering attacks becoming more sophisticated, realistic, and difficult to recognize. Phishing attacks are one of the most common forms of cyber crime. What does a phishing email look like? Review the example below for characteristics of a phishing scam disguised to look like a legitimate email.
- 3. DON’T GET REELED IN. Phishing is a scam by which an email user is duped into revealing personal or confidential information that the scammer can use illicitly or fraudulently. PHISHING PREVENTION 101 Secure yourself from fraud and phishing attempts by: • Turning off the option to automatically download attachments • Saving and scanning any attachments before opening them • Before providing any kind of information, call and verify with the source that they are indeed the ones who sent the email or message For more information on phishing visit: http://www.cdse.edu/toolkits/cybersecurity
- 4. • Do not open attachments or click on links from untrusted sources • Never send personal information in an email • Keep your firewall and antivirus software updated CYBER SECURITY IS OUR SHARED RESPONSIBILITY DON’T TAKE THE BAIT
- 5. CONNECT WITH CARE • Keep your devices updated with the latest system and application patches • Assume that Wi-Fi connections are not secure, since many Wi-Fi hotspots don’t encrypt the information you send • Do not log into financial accounts or other sensitive accounts when using public Wi-Fi networks • Consider turning off features on your computer or mobile devices that allow you to automatically connect to Wi-Fi CYBER SECURITY IS OUR SHARED RESPONSIBILITY
- 7. CYBER SECURITY IS OUR SHARED RESPONSIBILITY PROTECT YOUR SMART PHONE • Make sure the OS and software are up to date at all times • Download apps from reputable sites and closely review permission requests • Make sure to check the feedback from other users before installing the program from an app store • Use a strong,complex password • Use a security app,if available for your device • Turn off Bluetooth and other connections when not in use • Jailbreak your phone • Download apps from third- party app stores and sites • Leave your mobile device unattended in public places • Enable your“Wi-Fi ad-hoc mode” DO’S DON’TS
- 8. KEEP YOUR PASSWORD SAFE BY FOLLOWING THESE EASY TIPS: DEVELOP strong passwords that use a combination of words, numbers, symbols, and both upper- and lower-case letters CREATEa password phrase and make it relevant. If you’re joining a shopping site for example, think “About to Use Shopping Site” and use “ABT2_uz_$h0pping” USE different passwords for every unique account, such as work, banking, and email DISABLE the “save password” feature in your Internet browser CYBER SECURITY IS OUR SHARED RESPONSIBILITY USE SECURE PASSWORDS