360 Degree Cyber Security, LLC

Hackers go phishing not fishing

Hackers go phishing not fishing

Each holiday, no matter what it is, brings greetings from friends and families celebrating the holiday.  A lot of time, the greetings come in the form of a simple email, other times, it is a link to an electronic card.

Hackers take the holidays for a chance to do some phishing.  No not fishing, but phishing.  Phishing is the quest for getting a chance to find things out about you.  Last night I watched “Now You See Me.”  In one of the scenes, the character Arthur Tressler, played by Michael Caine, challenges J. Daniel Atlas, played by Jesse Eisenberg, that he cannot be read.  J. Daniel starts making statements about Arthur’s dog to which Arthur sets him straight saying I didn’t have a dog.  I had a cat and it’s name was…  The scenario went one more time where J. Daniel attempted to read the type of childhood Arthur had.  Again, Arthur said he was wrong and gave up some information about his family.  Later in the movie, the information provided was used against him to crack a bank account that Arthur owned.

What J. Daniel did was phishing.  Hackers do the same thing by sending you emails that look to be legitimate and the real thing.  However, the motive behind it is to gain access to your information, your account, or your computer.  You may not be the ultimate target, but merely a stepping stone to get to the final destination.

The U.S. Computer Emergency Readiness Team (USCERT) each holiday issues a reminder to everyone to be careful about the emails and ecards you open.  Their Easter Alert (follow the link) provides some tips on what to avoid when it comes to these types of communication.

don’t follow link or open emails from people you don’t know.
it someone you do know, but seems like it is an email they would not normally send then don’t open it.

Think twice and take a cyber 360.

About the Author

Chris Wolski author

Chris Wolski is the founder and principle consultant of the small business and municipality focused cyber security firm 360 Degree Cyber Security, LLC. He is currently certified by International Information System Security Certification Consortium as a Certified Information Systems Security Professional and by the SANS Institute as a Global Industrial Cyber Security Professional. Active in the information security community, Chris volunteers his time at BSides Delaware and to various individuals seeking to be mentored in cybersecurity. He is frequently researching industrial devices to discover weaknesses that would present a problem for users of those devices. Chris obtained his start in cyber security in the U.S. Navy where he served in various information security and signals intelligence roles over his 20 year career. He left government service after serving in a position to develop cyber threat intelligence against industrial controls and later on the Joint Chiefs of Staff as a cyber incident handler. Chris has a Bachelor of Science Degree in Cybersecurity from University of Maryland University College and is currently pursuing a Master in Business Administration, also at the University of Maryland University College.

Leave a Reply