恶意软件和网络钓鱼

The Division of 信息 Technology (IT) continues to make improvements to security, 然而, the best defense against these attacks is knowing how to spot and report them.    

Spear Phishing is an email spoofing fraud attempt that targets a specific organization seeking unauthorized access to confidential data.  而鱼叉式网络钓鱼类似于网络钓鱼邮件, 这些信息通常更加个性化, making it appear that they are from a person or organization that you are familiar with.  The success of spear phishing hinges on its ability to appear authentic and how logical the request seems to be.  Everyone with an email address is a potential target.   

通过与供应商PhishMe的合作, IT launched an awareness program to help employees learn about the dangers of email fraud, 具体地说, 鱼叉式网络钓鱼邮件. Scenarios are developed collaboratively and used for educational purposes.  The program is focused on spear phishing attacks in the work place and sends out simulated phishing emails that mimic real ones.  If you get “reeled in” or “hooked” by a simulated phishing email, 培训模块将呈现给您, along with tips on how to recognize phishing email attempts and how to avoid becoming a victim in the future.  The tips are applicable to home use to help you protect yourself from identity theft and help you to protect your financial account information.  

数据泄露和信息安全风险 

Every single person as well as large and multi-national organizations are emphasizing for utilizing the technology and making their life comfortable.  Large companies and organizations use the Internet to get closer to their customers, 和他们建立在线关系, 为客户提供更多、快捷的服务.  The companies also create a profile of the company online and also ask their customers to make their online profile on a company website which might bring more royalty from their customers. Customers who create profiles or any type of account, 是否更有可能回来获得其他服务. 因此, companies can easily compile the profiles of their customers and have targeted marketing directed at their needs.

创建了此类配置文件的客户, 相信他们的数据会被保密, 安全, and will not be misplaced or compromised by the company staff or any other type of unauthorized usage. If there is any lack of trust between their clients and the company, 隐私问题将会出现, and these issues can create problems for organizations later on and they might face difficulty in maintaining and developing a healthy relationship with their customers. 

Companies who collect data are required by law to keep their data secure. There are three specific concerns regarding information security and privacy which are identified frequently by the consumers.

• 外部实体未经授权使用数据
• 安全风险和数据泄露
• lack of penetration testing by the application developers

A survey has concluded results that both privacy invasion and errors has an inverse relationship with the online purchasing behavior; although, it seemed that unauthorized use of the data has little impact. The managerial implications include the selection of channels of communications for greater impact, 准确的数据处理, and maintenance of permission-based contact with the users. 

网络钓鱼的智商

Have you ever wonder how many of the emails you receive are phishing emails?

You may have realized that many times the fake lottery ticket, 或者来自国税局的电子邮件是假的-网络钓鱼电子邮件. Test yourself with the IQ test from the creators of the Sonicwall firewalls (DeLL). 

你的网络钓鱼智商如何?  

病毒

A computer virus is a small piece of code written to alter the way a computer operates, 未经用户许可或不知情.

计算机病毒必须满足两个条件:

它必须自己执行. 

它必须自我复制. 

计算机病毒?  

蠕虫

蠕虫s are programs that replicate themselves from system to system without the use of a host file. 

蠕虫s generally exist inside of other files, often documents. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm.  

特洛伊木马

Trojan horses are impostors--files that claim to be something desirable but, in fact, are malicious. Trojans contain malicious code, that, when triggered, cause loss, or even theft, of data. 为了让特洛伊木马传播开来, 你必须, 实际上, invite these programs onto your computers by opening an email attachment. 

特洛伊木马?  

苹果综合症

也许, one of the biggest complacency risks out there is the “Apple syndrome” - as in, “我不会因为使用Mac而面临恶意软件的风险.”

Many users believe that their Apple device is immune to the viruses; 然而, this is a myth.

Although the number if viruses targeting a mac operating system platform is fewer than PC platform, mac电脑也有病毒，可能会损坏.

Ransomware

For the past few years a trend overtook the business market - ransomware attacks.  They have taken place more often because employers failed to educate and train their employees. 

在这些攻击中，是一种恶意软件, 罪犯寄来的, takes over your files and encrypts those with a secret key. Afterwards it displays a message asking for most common cryptocurrency to give you back your files.

Ransomware预防  

攻击

Many users do not consider themselves as a high target. 然而 ransomware can sit on your device for a long time and the get activated at work when you take your own device to work.

即使你连上了无线网络, the ransomware can use your network connection and spread across the network.

实时安全攻击