Cyber Defense eMagazine May 2019
Cyber Defense eMagazine May Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Cyber Defense eMagazine May Edition for 2019 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cybersecurity expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Phishing Awareness - The More They Know, the Less the Threat<br />
By Matthew Goodwin<br />
In this paper, I will be going over what phishing email attacks are and how end user training can help<br />
secure an organization against such attacks. In my organization, I am responsible for securing our<br />
network from threats and employee training plays a large part of that. I will go over some of the different<br />
things end users need to be aware of when interacting with emails to ensure they are not opening their<br />
organization up to an attack as well as discuss recent attacks which have made the news. I will also<br />
discuss some of the different employee training tools that may assist organizations with training their<br />
employees to spot and mitigate phishing email attacks.<br />
Email is one of the most convenient forms of communication that is used for not only business<br />
communication but also for personal correspondence. Due to email’s wide usage and ease of use, it is<br />
the perfect courier for outside entities to use to compromise an organization. The most common attack<br />
method, called Phishing, seeks to trick an individual into clicking a link or opening an attachment by<br />
appearing to come from a legitimate source such as a friend or trusted business. Phishing emails are<br />
usually sent from malicious sources out to millions of recipients in the hope that some will fall for the hoax<br />
and infect their machines or give out personal information. According to Phishing (2015), “Phishing is<br />
similar to using a net to catch fish; you do not know what you will catch, but the bigger the net, the more<br />
fish you will find.” Links and attachments in phishing emails are usually designed to either harvest<br />
information or infect the recipient’s computer and/or network. Once infected, the recipient’s file may be<br />
encrypted, and they will be forced to pay to have their files unencrypted or their machine may begin<br />
sending out phishing emails attempting to infect other machines. In March of 2018, the city of Atlanta was<br />
crippled by a ransomware cyberattack that encrypted much of their network and demanded a ransom.<br />
Atlanta’s law enforcement, court system, city hall, and multiple municipal departments were all taken<br />
53