Phishing is a preferred method of attack where phishers send emails which appear to be from an authoritative source, such as from PayPal, Helpdesk, Administrator or your bank. Usually the email warns you about your account status and asks you to reply, update, or confirm your account information. If you receive emails like that or those that threaten dire consequences if you don't respond, please click on the "Report spam" button in your inbox and forward the message to CSS IT Security at email@example.com.
What are the risks of phishing?
The consequence of responding to these fraudulent emails can be serious. Once a phisher has your account information, they can steal your email account, steal information inside your email account, use your account to send spam and launch more phishing attacks.
What does phishing look like?
Phishing emails may have spelling mistakes and use bad grammar, they may threaten that your account will be closed. They try to get you to respond and act quickly without thinking. Asking you to click on a link within a phishing email, is another common way that the phishers install malware on your computer that can steal your personal information. Wondering how to spot a phishing email? The CSO magazine editorial staff shared a phishing email example that teaches you how to recognize phishing email.
Click Click Phish is a phishing attack education game that shows common phishing tricks (If players register they will be emailed on a regular basis (e.g. every 3 months) to play again to stay sharp on the latest phishing attack tactics).
What to do if email account got hacked
If you see messages in your sent folder that you didn't send, or there are logins from locations that you don't recognize, your email account might have been hacked. What To Do When Your Email Gets Hacked is a great article that will walk you step by step to get everything back in order.
Phishing phone calls and text message
Text message spam is target at your phone to steal personal information. It often promise you free gifts and offers to get username and password, credit card number of Social Security Number. Once your information is revealed, it can lead to unwanted charges on your bill, bad phone performance or identity theft. The Federal Communications Commission (FCC) provides an article Text Message Spam to further discuss this threat. We encourage you to read the article and learn how to protect yourself against phishing scams and identity theft.
Smartphone apps: Is your privacy protected?
Smartphone apps can do more than provide you with entertainment, information or useful services -- they can also invade your privacy.
Apps can trace your Web habits, look into your contact list, make phone calls without your knowledge, track your location, examine your files and more. They can also automatically send information such as location data to mobile ad networks. Here is a list from The Wall Street Journal that examined what kind of information were collected by apps - What They Know - Mobile
When people download and install an app, they agree to terms and conditions. But have you read through those permissions seriously? Check out this two-minute video on how people reacted when they read their apps' permissions out loud - #PrivacyProject
How to protect yourself from smartphone privacy issue
It is impossible to use a smartphone app while not being exposed to potential privacy intrusions. The key is to find the balance between the benefit you get from the app and the potential privacy risk.
Somethings you should pay attention to:
Smartphones may make phone calls and Send SMS or MMS, which could charge your money without your knowledge. If you encounter a problem related those capabilities, you could end up spending several hours working things out with your carrier.
When you are updating apps, the permissions for the updated app aren't necessarily the same as the previous version. Developers can change the permissions.
"Trusted Application status" could also cause privacy issues. It means you're allowing it to access potentially sensitive information on your device without prompting you for permission again
In general, Apple tries to prevent developers from having full-scale access to all of the data and hardware on an iOS device. This improves overall security; however, Apple does grant developers access to a number of system components. This means that apps can pull data from most of the Apple-provided apps and features (like the Camera, Photos, Music/iPod and Contacts apps).