MOREnet Blogs

Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and money), often for malicious reasons, by disguising as a trustworthy entity in an electronic communication.

Why do crooks phish? Because it works!

Who is being phished? `

Phishing is the #1 cause of a compromise. Social engineering  includes various techniques in order to trick you into divulging your personal information.

  • Smishing (SMS phishing) uses text messages
  • Vishing (voice phishing) uses the phone to urge the victim to contact a specific number and then are prompted to enter in account numbers and PIN. Phone numbers are easily spoofed and may appear to be from a legitimate organization.
  • Spear phishing and whaling will be more targeted attacks. The spear phish may be targeting certain departments such as human resources or payroll. Whaling aims at higher level executives.
  • Tabnapping technique will silently redirect the user to the affected site by opening the site in one of the users open browser tabs.
  • A phishing technique that may be harder for the victim to spot is the Evil Twin. This method uses a fake wireless network that looks like a legitimate public network. Victims who mistakenly log into the criminals network will have the crooks trying to capture their passwords and other personal information as they visit various sites.

MOREnet has partnered with Cofense to assist our members in effectively building their cyber security awareness program.

Cofense PhishMe simulations include:

  • Current and relevant content
  • Unlimited campaigns
  • Customizable templates
  • Robust reporting features
  • Single Sign On (SSO)
  • Phish reporting button
  • Just in time education

Couple this program with the CBFree education modules as part of an ongoing security awareness program. These modules cover a vast array of topics including passwords, physical and mobile security, phishing, malware and data protection.

Categories: Cyber Security

Leave a Reply