Cyber Security

Phishing

What is a Phishing Attack?

Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. Attackers have been successful at sending emails that appear to come from a reputable credit card company or financial institution requesting verification of account information, often suggesting that there is a problem. When victims respond with the requested information, attackers can use it to gain access to the accounts.

How do you avoid being a victim?

Just because an email message looks like it came from family, friends, colleagues or an organization you trust, doesn't mean that it did. Cyber criminals can "spoof" the return address, making it look like the message came from someone else. Here are a few simple steps to prevent you from falling victim.

  • Pay attention to the address of a website. Malicious websites may look identical to a legitimate site, but the address may use a variation in spelling or a different domain (e.g., .com vs .net).
  • Do not reveal personal or financial information in email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Before you login, check that the websites security is enabled look for https:// in your browsers address bar.
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly with information you already have on file or via other publicly available information.

What do you do if you think you are a victim?

  • Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future.
  • Contact the IT Helpdesk (This email address is being protected from spambots. You need JavaScript enabled to view it. or 215-641-6495) if you suspect your College account may be at risk.

Phishing Test

Put your phishing knowledge to the test. Check out additional examples, skill builders and links to quizzes at the MCCC IT Knowledgebase linked below.
https://kb.mc3.edu/category.php?id=45.

    Stop Think Connect

The Stop, Think, Connect website is funded and managed by the Anti-Phishing Working Group (APWG) , the National Cyber Security Alliance (NCSA), the Department of Homeland Security, and numerous corporate donors. This website contains an abundance of tips and advice that will protect you and your family from current cyber– threats, including specific recommendations for securing mobile devices.

SANS Institute Top 5 Steps to Staying Secure

Resources/Links to Include

www.mc3.edu/security (authentication required)
http://www.staysafeonline.org/
http://stopthinkconnect.org/
https://www.privacyrights.org/
http://www.onguardonline.gov/
https://www.sans.org/tip_of_the_day.php
http://www.securingthehuman.org/resources/newsletters/ouch/2014
Knowledge Base for Mobile Security

mc3-footer