by Senior Airman Brett Clashman
99th Air Base Wing Public Affairs
1/2/2014 - NELLIS AIR FORCE BASE, Nev. -- When you hear the term
"phishing" you can't help but think of a boat, bait and a fishing
pole. However, in this case, phishing is a scam of evil intentions.
If you're looking to avoid becoming a victim, all you have
to do is keep an eye out for activities that don't look right.
According to the Federal Deposit Insurance Corporation, the
term "phishing" - as in fishing for confidential information - refers
to a scam that includes fraudulently obtaining an individual's personal or
financial information.
"Phishing is the act of attempting to acquire personal
information by masquerading as a trustworthy entity in an electronic
communication, usually in an email," said Senior Airman Daniel Shipley,
99th Air Base Wing information assurance office. "The information can
include usernames, passwords and credit details."
There are two different types of phishing. The first is
regular phishing where an email is received from various sources posing as an
authorized domain. Sometimes a victim will see an email from "banks"
asking you to verify your information on a "site" that looks a lot
like a regular banking site. Any information entered is stored on a server
owned by the phisher.
"There is also spear-phishing, which includes attacks
that are usually targeted at specific people and often are looking for
information about or from that person," Shipley said. "It is closely
related to regular phishing but has a much smaller focus on targets."
The results of phishing can be staggering to an individual.
A phisher can access your credit card or banking information to run up your
debt or drain your bank account.
Fortunately, Airmen can defend against spear-phishing
attacks by double checking anything that seems out of the ordinary.
"If you think that an email is a phishing attempt, the
best practice is to contact the organization you think is behind the email and
check [its] validity," Shipley said. "Do not forward the email or
print it, delete the email, go into the deleted items, locate the email, right
click, go to the junk e-mail menu and click 'add sender' to blocked senders
list."
Also notify your unit information assurance officer if you
receive a suspicious phishing email at work. If the unit IAO wants to check the
email, they can access the user's computer and view it on their system. If it
is a sufficient threat to the integrity of the user's information or any
government owned information system, call your installation's Information
Assurance Office.
No comments:
Post a Comment