{"id":11671,"date":"2017-02-01T08:30:42","date_gmt":"2017-02-01T06:30:42","guid":{"rendered":"http:\/\/blogs.sun.ac.za\/it\/?p=11671"},"modified":"2017-05-04T11:51:36","modified_gmt":"2017-05-04T09:51:36","slug":"learn-what-it-takes-to-refuse-the-phishing-bait","status":"publish","type":"post","link":"https:\/\/blogs.sun.ac.za\/it\/2017\/02\/learn-what-it-takes-to-refuse-the-phishing-bait\/","title":{"rendered":"[:en]Learn What It Takes to Refuse the Phishing Bait![:]"},"content":{"rendered":"<p>[:en]<\/p>\n<p>\n <img loading=\"lazy\" decoding=\"async\" src=\"http:\/\/blogs.sun.ac.za\/it\/files\/2017\/01\/lokaas-394x500.jpg\" alt=\"\" width=\"394\" height=\"500\" align=\"right\" \/>Cybercriminals know the best strategies for gaining access to your institution\u2019s sensitive data. In most cases, it doesn\u2019t involve them rappelling from a ceiling\u2019s skylight and deftly avoiding a laser detection system to hack into your servers; instead, they simply manipulate one staff member or student.<\/p>\n<p>According to IBM\u2019s <a href=\"http:\/\/www.ibm.com\/developerworks\/library\/se-cyberindex2014\/index.html\">2014 Cyber Security Intelligence Index<\/a>, human error is a factor in 95 percent of security incidents. Following are a few ways to identify various types of social engineering attacks and their telltale signs.<\/p>\n<ul>\n<li><strong>Phishing isn\u2019t relegated to just e-mail!<\/strong> Cyber criminals will also launch phishing attacks through phone calls, text messages, or other online messaging applications. Don\u2019t know the sender or caller? Seem too good to be true? It\u2019s probably a phishing attack.<\/li>\n<li><strong>Know the signs.<\/strong> Does the e-mail contain a vague salutation, spelling or grammatical errors, an urgent request, and\/or an offer that seems impossibly good? Click that delete button.<\/li>\n<li><strong>Verify the sender.<\/strong> Check the sender\u2019s e-mail address to make sure it\u2019s legitimate. If it appears that our help desk is asking you to click on a link to increase your mailbox quota, but the sender is \u201cUniversityHelpDesk@yahoo.com,\u201d it\u2019s a phishing message.<\/li>\n<li><strong>Don\u2019t be duped by aesthetics.<\/strong> Phishing e-mails often contain convincing logos, links to actual company websites, legitimate phone numbers, and e-mail signatures of actual employees. However, if the message is urging you to take action \u2014 especially action such as sending sensitive information, clicking on a link, or downloading an attachment \u2014 exercise caution and look for other telltale signs of phishing attacks. Don\u2019t hesitate to contact the company directly; they can verify legitimacy and may not even be aware that their name is being used for fraud.<\/li>\n<li><strong>Never, ever share your password. Did we say never? Yup, we mean <em>never<\/em>.<\/strong>Your password is the key to your identity, your data, and your classmates\u2019 and colleagues\u2019 data. It is for your eyes only. The IT department will never ask you for your password.<\/li>\n<li><strong>Avoid opening links and attachments from unknown senders.<\/strong> Get into the habit of typing known URLs into your browser. Don\u2019t open attachments unless you\u2019re expecting a file from someone. Give them a call if you\u2019re suspicious.<\/li>\n<li><strong>When you\u2019re not sure, call to verify.<\/strong> Let\u2019s say you receive an e-mail claiming to be from someone you know \u2014 a friend, colleague, or even the rector of the university. Cyber criminals often spoof addresses to convince you, then request that you perform an action such as transfer funds or provide sensitive information. If something seems <em>off<\/em> about the e-mail, call them at a known number listed in the university\u2019s directory to confirm the request.<\/li>\n<li><strong>Don\u2019t talk to strangers!<\/strong> Receive a call from someone you don\u2019t know? Are they asking you to provide information or making odd requests? Hang up the phone and report it to the helpdesk.<\/li>\n<li><strong>Don\u2019t be tempted by abandoned flash drives.<\/strong> Cyber criminals may leave flash drives lying around for victims to pick up and insert, thereby unknowingly installing malware on their computers. You might be tempted to insert a flash drive only to find out the rightful owner, but be wary \u2014 it could be a trap.<\/li>\n<li><strong>See someone suspicious? Say something.<\/strong> If you notice someone suspicious walking around or \u201ctailgating\u201d someone else, especially in an off-limits area, call campus safety.<\/li>\n<\/ul>\n<p style=\"text-align: right;\">[ARTICLE FROM\u00a0<a href=\"http:\/\/er.educause.edu\/\">Educause<\/a>]<\/p>\n<p>[:af]<\/p>\n<p>&nbsp;<\/p>\n<p>[:]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[:en] Cybercriminals know the best strategies for gaining access to your institution\u2019s sensitive data. In most cases, it doesn\u2019t involve them rappelling from a ceiling\u2019s skylight and deftly avoiding a laser detection system to hack into your servers; instead, they simply manipulate one staff member or student. According to IBM\u2019s 2014 Cyber Security Intelligence Index, [&hellip;]<\/p>\n","protected":false},"author":259,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[20382,49,29187],"tags":[29170,20381,3636],"class_list":["post-11671","post","type-post","status-publish","format-standard","hentry","category-email","category-general","category-security-2","tag-malware","tag-phishing","tag-security"],"publishpress_future_action":{"enabled":false,"date":"2026-05-22 06:38:36","action":"change-status","newStatus":"draft","terms":[],"taxonomy":"category","extraData":[]},"publishpress_future_workflow_manual_trigger":{"enabledWorkflows":[]},"_links":{"self":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11671","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/users\/259"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/comments?post=11671"}],"version-history":[{"count":4,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11671\/revisions"}],"predecessor-version":[{"id":11769,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/posts\/11671\/revisions\/11769"}],"wp:attachment":[{"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/media?parent=11671"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/categories?post=11671"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.sun.ac.za\/it\/wp-json\/wp\/v2\/tags?post=11671"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}