Phishing

Phishing: Safeguarding Yourself and Your Organisation’s Sensitive Data

Phishing

Phishing is a type of social engineering, a way of getting into your private network that relies more on psychology and deception than traditional hacking that involves exploiting vulnerabilities in your security software. You can find a good introduction to phishing and social engineering on Wikipedia.

Some more recent and high impact examples of social engineering were the attempts to lure Twitter users to “verify” their accounts by clicking on links purportedly posted by Twitter (with usernames like @VerifySupport247). The users would then enter their login information to begin the “verification” process. Instead, the spoofed login pages recorded the credentials, took control over the victim’s accounts, renamed them to @Verify(something) and sent out further invitations to “verify” – and so the cycle continues.

Today, however, we’re going to concentrate on email phishing, which currently poses a very significant threat to organisations. With recent studies concluding that half of users studied would click on any links sent by strangers, and increasing number of high profile data breaches, Derby’s Digital PCSO provides timely advice about the dangers of phishing.

We have collected a number of tweets from PCSO Shevani Raichura, Derby’s Digital PCSO, that explain phishing and how you can protect yourself, your family or your organisation from those under-handed attempts to steal your data.  Shevani Raichura is an award-winning IT security expert who joined Derbyshire Constabulary as a police community support officer to offer advice on a range of security and safety topics.

Please follow Derby’s Digital PCSO on Twitter to receive more advice on a range of relevant topics relating to your security and safety online.

Leave a Reply