{"id":81302,"date":"2022-10-18T10:30:30","date_gmt":"2022-10-18T14:30:30","guid":{"rendered":"https:\/\/brocku.ca\/brock-news\/?p=81302"},"modified":"2022-10-18T17:04:43","modified_gmt":"2022-10-18T21:04:43","slug":"its-cautions-brock-community-to-be-wary-of-phishing-attacks","status":"publish","type":"post","link":"https:\/\/brocku.ca\/brock-news\/2022\/10\/its-cautions-brock-community-to-be-wary-of-phishing-attacks\/","title":{"rendered":"ITS cautions Brock community to be wary of phishing attacks"},"content":{"rendered":"

Phishing attacks come in many forms across the cybersecurity landscape. <\/span>\u00a0<\/span><\/p>\n

Many of these attacks, whether internal or external, can appear to be legitimate from trustworthy sources. Diligence is required to protect oneself and the University.<\/span>\u00a0<\/span><\/p>\n

As part of <\/span>Cybersecurity Awareness Month<\/a>, Brock Information Technology Services (ITS) is educating the University community with information and tips that can help protect technology users\u2019 identities and data.<\/span>\u00a0<\/span><\/p>\n

As technologies evolve, so do cyberattacks. Cybercriminals prey on the trusting nature of individuals and have become advanced in crafting phishing emails that appear to be legitimate. <\/span>\u00a0<\/span><\/p>\n

An email seeming to be from the University President, a supervisor, Human Resources, ITS or another unit within the University could be a phishing attack. <\/span>\u00a0<\/span><\/p>\n

If an email looks too good to be true or something about it seems off, ITS recommends students and employees \u2018think before they click\u2019 and report the email to <\/span>itsecurity@brocku.ca<\/span><\/a>\u00a0<\/span><\/p>\n

Types of phishing attacks<\/strong><\/h2>\n

Email phishing
\n<\/strong>Email phishing is the most common form of phishing. This type of attack uses tactics such as phoney hyperlinks to lure email recipients into sharing their personal information. Attackers often masquerade as a large account provider like Microsoft or Google, or even a coworker.<\/span>\u00a0<\/span><\/p>\n

Malware phishing
\n<\/strong>Another prevalent phishing approach, malware phishing involves planting malware disguised as a trustworthy attachment, such as a resum\u00e9 or bank statement, in an email. In some cases, opening a malware attachment can paralyze entire IT systems.<\/span>\u00a0<\/span><\/p>\n

Spear phishing
\n<\/strong>While most phishing attacks cast a wide net, spear phishing targets specific individuals by exploiting information gathered through research into their jobs and social lives. These attacks are highly customized, making them particularly effective at bypassing basic cybersecurity.<\/span>\u00a0<\/span><\/p>\n

Whaling
\n<\/strong>Whaling takes place when a \u2018big fish\u2019 is targeted, such as a senior executive or celebrity. Scammers often conduct considerable research into their targets to find an opportune moment to steal login credentials or other sensitive information. <\/span>\u00a0<\/span><\/p>\n

Smishing
\n<\/strong>A combination of the words \u2018SMS\u2019 and \u2018phishing,\u2019 smishing involves sending text messages disguised as trustworthy communications from well-known businesses such as Amazon or FedEx. People are particularly vulnerable to SMS scams, as text messages are delivered in plain text and come across as more personal.<\/span>\u00a0<\/span><\/p>\n

Vishing
\n<\/strong>In vishing campaigns, attackers in fraudulent call centres attempt to trick people into providing sensitive information over the phone. In many cases, these scams use social engineering to dupe victims into installing malware onto their devices in the form of an app.<\/span>\u00a0<\/span><\/p>\n

Brock employees and students who suspect they are the recipient of an email phishing attack should contact <\/span>itsecurity@brocku.ca<\/span><\/a><\/p>\n

Questions about phishing can also be directed to this email.<\/span>\u00a0<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Phishing attacks come in many forms across the cybersecurity landscape. Many of these attacks, whether internal or external, can appear to be legitimate from trustworthy sources.<\/p>\n","protected":false},"author":1,"featured_media":74740,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[54,7],"tags":[5331,3190,4430,7822,8159,9620,10105,737],"_links":{"self":[{"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/posts\/81302"}],"collection":[{"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/comments?post=81302"}],"version-history":[{"count":5,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/posts\/81302\/revisions"}],"predecessor-version":[{"id":81308,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/posts\/81302\/revisions\/81308"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/media\/74740"}],"wp:attachment":[{"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/media?parent=81302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/categories?post=81302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/brocku.ca\/brock-news\/wp-json\/wp\/v2\/tags?post=81302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}