Docsity
Log inSign up
Docsity
Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity

Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan

Guidelines and tips
Guidelines and tips
Sell on Docsity
Sell on Docsity
Log inSign up

Prepare for your exams

Study with the several resources on Docsity

Find documents

Prepare for your exams with the study notes shared by other students like you on Docsity

Search Store documents

The best documents sold by students who completed their studies

Search through all study resources
Docsity AINEW

Summarize your documents, ask them questions, convert them into quizzes and concept maps

Explore questions

Clear up your doubts by reading the answers to questions asked by your fellow students

Earn points to download

Earn points by helping other students or get them with a premium plan

Share documents
download point icon20 Points

For each uploaded document

Answer questions
download point icon5 Points

For each given answer (max 1 per day)

All the ways to get free points
Get points immediately

Choose a premium plan with all the points you need

Study Opportunities

Choose your next study program

Get in touch with the best universities in the world. Search through thousands of universities and official partners

Community

Ask the community

Ask the community for help and clear up your study doubts

University Rankings

Discover the best universities in your country according to Docsity users

Free resources

Our save-the-student-ebooks!

Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors

From our blog

Exams and Study
Go to the blog

SPEAR PHISHING AND COMMON CYBER ATTACKS, Study notes of Engineering

Stevens-Henager College - MurrayEngineering

Signs of a phishing scam may include generic greetings, urgent action requests you did not initiate, requests for personal information, and even baseless ...

Typology: Study notes

2021/2022

Uploaded on 09/12/2022

arjaa
arjaa 🇺🇸

4.2

(5)

229 documents

1 / 2

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
COUNTERINTELLIGENCE TIPS
A spear phishing attack is an attempt to acquire sensitive information or access to a
computer system by sending counterfeit messages that appear to be legitimate. “Spear
phishing” is a type of phishing campaign that targets a specific person or group and often
will include information known to be of interest to the target, such as current events or
financial documents. Like other social engineering attacks, spear phishing takes advantage
of our most basic human traits, such as a desire to be helpful, provide a positive response
to those in authority, a desire to respond positively to someone who shares similar tastes
or views, or simple curiosity about contemporary news and events. These messages are
delivered via e-mail and are designed to convince the user to open a malicious link or
attachment, exposing the target to malicious software.
The goal of spear phishing is to acquire sensitive information such as usernames,
passwords, and other personal information. When a link in a phishing e-mail is opened,
it may open a malicious site, which could download unwanted information onto a user’s
computer. When the user opens an attachment, malicious software may run which could
compromise the security posture of the host. Once a connection is established, the
attacker is able to initiate actions that could compromise the integrity of your computer,
the network it resides on, and data.
PHISHING IS NO LONGER AS
OBVIOUS AS IT ONCE WAS
SPEAR PHISHING AND
COMMON CYBER ATTACKS
pf2

Partial preview of the text

Download SPEAR PHISHING AND COMMON CYBER ATTACKS and more Study notes Engineering in PDF only on Docsity!

COUNTERINTELLIGENCE TIPS

A spear phishing attack is an attempt to acquire sensitive information or access to a computer system by sending counterfeit messages that appear to be legitimate. “Spear phishing” is a type of phishing campaign that targets a specific person or group and often will include information known to be of interest to the target, such as current events or financial documents. Like other social engineering attacks, spear phishing takes advantage of our most basic human traits, such as a desire to be helpful, provide a positive response to those in authority, a desire to respond positively to someone who shares similar tastes or views, or simple curiosity about contemporary news and events. These messages are delivered via e-mail and are designed to convince the user to open a malicious link or attachment, exposing the target to malicious software. The goal of spear phishing is to acquire sensitive information such as usernames, passwords, and other personal information. When a link in a phishing e-mail is opened, it may open a malicious site, which could download unwanted information onto a user’s computer. When the user opens an attachment, malicious software may run which could compromise the security posture of the host. Once a connection is established, the attacker is able to initiate actions that could compromise the integrity of your computer, the network it resides on, and data.

PHISHING IS NO LONGER AS

OBVIOUS AS IT ONCE WAS

SPEAR PHISHING AND

COMMON CYBER ATTACKS

INTERNET RESOURCES

OnGuardOnline.gov Operated by the Federal Trade Commission (FTC), this site provides tips and technical guidance on cybersecurity issues as well as a guide for talking to children about Internet use. StaySafeOnline.org Offers resources on a variety of cybersecurity issues, including information on adjusting privacy settings on a number of popular platforms. Today, phishing scams are more sophisticated—identities are masked, messages are tailored, and email content appears legitimate. Signs of a phishing scam may include generic greetings, urgent action requests you did not initiate, requests for personal information, and even baseless threats. Other cyber-attack concerns include compromised or counterfeit websites that introduce malware to obtain a user’s Personally Identifiable Information (PII). Skilled hackers can create new websites that appear legitimate or hack into a legitimate site undetected and embed malicious code. Signs of a malicious website include strange or unexpected search engine results and abnormal redirects to unexpected websites. Anti-virus software tools can often catch website redirects and most search engine companies such as Google, Chrome, and Bing alert users to problematic websites and often block access to those with malware.

Here are a few easy things to help protect

yourself from phishing and malware

cyber-attacks:

  • Avoid websites that produce browser alerts and advise against access.
  • Do not open email attachments or click links from unknown senders.
  • Use a strong password and change it as required. Dear Valued Member, Thank you for trusting us with your banking needs. We have been notified about a phishing email targeting our members, and have attached a notice for your review. For your protection, please use the link below to verify your account details... In the past, users could easily detect phishing e-mails, which were often sent from unknown senders, contained misspelled words, and used poor grammar. Dear User, Your account expire soon. Please click here to keep account active. Sincerely, The Google Team