Phishing scams threat to network security
Posted 2/15/2012
Email story
Print story
by Airman 1st Class John Washburn
95th Communications Squadron
2/15/2012 - EDWARDS AIR FORCE BASE, Calif. (AFNS) -- Phishing scams attempt to fool you into visiting a bogus website to either download malware - viruses and other software intended to compromise your computer - or reveal sensitive personal information.
For example, the scamming email might have an alarming subject line, such as "Problem with Your Account." The body of the message might claim there is a problem with your bank account and that, in order to validate your account, you must click a link included in the email and complete an online form.
These emails are crafted to look as if they've been sent from a legitimate organization and the perpetrators of phishing scams carefully craft the fake website to look like the real thing. This type of email is sent as spam to tens of thousands of recipients, often customers of the institution. Believing the email to be real, some of these recipients will click the link in the email without noticing that it takes them to a web address that only resembles the address of the real institution. If the email is sent and viewed as HTML, the visible link may be the URL of the institution, but the actual link information coded in the HTML will take the user to the bogus site.
A specific, more targeted form of phishing is spear phishing. During the holiday season there seems to be an increase in spear phishing attempts, but you can be targeted at any time. The attacker selectively chooses the recipient and usually has a thorough understanding of the target's command or organization.
The email can appear genuine. The attacker may address the recipient by name, use lingo or jargon of the organization, or reference actual procedures. Sometimes these emails have legitimate operational and exercise nicknames, terms, and key words in the subject and body of the message.
The "from" field of an email can easily be faked or spoofed. It might appear completely correct, or have a similar variation. On the other hand, the message may come from a legitimate email account because that account has been compromised. This can occur when the attackers obtain someone's login credentials and email contacts in their address book in order to obtain more accounts. The attacker's primary focus is to get you to open an attachment or follow a weblink, which may install the malicious software.
Most spear phishing attacks within the Department of Defense are not for identity theft. Since there is always the risk of being subjected to online and email scams, here are four ways you can protect yourself from being a victim of a phishing attempt:
1. Before clicking on any weblink within a message or opening up an attachment, be sure the source of the email is legitimate. These links and attachments can contain malware, spyware, viruses, and Trojan horses.
2. If you're uncertain, contact the sender directly if you can, and validate that they actually sent the message before you open it.
3. Do not send emails using HTML formatting, use Plain Text or Rich Text formatted emails. Plain Text is preferred because Rich Text looks the same as HTML formatting.
4. At a minimum, digitally sign all emails. To date, there are no known spoofs of digital signatures in Plain Text other than compromised PKI credentials due to negligence.
If you received an email that you believe to be a phishing attempt, first notify your unit Information Assurance Officer, or contact the Help Desk at 661-277-3444. Then email it to spam@edwards.af.mil.
If you clicked on a link, opened an attachment, or think that your computer might have been infected, follow the steps in the visual guide that should be near your computer. If you have any other questions contact your unit Information Assurance Officer for further clarification |
|
|
