In celebration of back-to-school, time for a POP QUIZ! Are you smarter than the average IT user when it comes to spotting the most common types of cyber-attacks? But first let’s review:

 

Phishing: Phishing attacks come via your email. They disguise themselves as emails from trusted sources like your bank, Office 365, or even your boss asking you to follow links, open attachments, enter passwords and in some cases, even transfer money.

 

These are tricky because often times it appears that the senders email has been compromised, when in reality it wasn’t. There are a number of different ways phishing emails can fly under the radar.

 

Faked display name

Unfortunately, in Office 365 you can set your display name to whatever you’d like it to be. If you don’t check the actual email address a message was sent from, it’s easy to see the display name and assume it’s from someone you trust.

 

Ex.

Rather than Lauren Sires <laurensires@nwtechnology.com>

It could look like Lauren Sires <mrhackerman@sketchydomainname467.com>

It’s easy to spot if you’re looking for it, but very easy to miss if you’re not careful.

 

Mimicked email address

This is when a sender creates an email that resembles what the recipient might expect to come from a specific person or organization, but it’s actually a phony email.

The differences are usually very subtle. Typically, it means switching a couple letters around, adding or shortening words and using acronyms where a name is typically spelled out.

 

Ex.

Rather than laurensires@nwtechnology.com, an email would be from laurensires@nwtecnhology.com or laurensires@northwesttechnology.com.

 

Cloned email address

This is when the sender makes it appear as though the email came from an email address different from the one it actually came from. These are some of the most difficult to pull off and least likely to occur. If you receive a questionable email and it doesn’t fall into one of the above categories, it’s more likely that their email account has been compromised.

 

Malware: Phishing attacks in many cases are attempting to steal your password to get access to your accounts, but often times they can plant malware on your machine. Malware is an umbrella term meaning malicious software and comes in many forms.

  1. Virus: Software that duplicates itself and destroys files across your computer or server. Viruses can go unnoticed for long periods of time and continue to damage until caught and destroyed.
  2. Spyware: Software that records the actions made on your device. This can be anything from recording key strokes to stealing passwords, recording screens for black mail uses and much more.
  3. Ransomware: Ransomware locks down your computer or network and demands compensation before your system is restored. This has become a common attack on government agencies.

In today’s computer dependent world users have to be constantly on alert for cybercrimes or risk lasting damage to their business and personal data.  Are you ready?

 

OK, now please take out a piece of paper and a number 2 pencil so we can begin.

Odd how those words, after all these years, can still cause you to break out in a sweat!