Security Awareness

Phishing and Social Engineering

Have you ever received an email that didn’t look quite right? An email that you weren’t expecting? Maybe even from someone you know? Chances are good that was a phishing email that was intended to socially engineer information from you.

These specially crafted emails are made to entice you to click on a link or open an attachment. The links will take you to a website. While it may look like nothing is happening malicious software is potentially being downloaded in the background and creating a link to your computer. The attachment scenario works the same way.  It may be presented as a pdf (Adobe) or other file type ending in xls (Excel) or doc (Word) but in reality it is an executable installing the malicious payload. Visually on the computer monitor nothing happens.  Unfortunately, more often than not, anti-virus is not catching the activity.

In the background the software is activated and sending information back to the criminal. The goal is to monitor your keystrokes to determine your user ID’s and passwords for access to your applications and websites. It is likely snooping through your email, address book and documents looking for any personally identifying information as well.

Keep in mind, the email could be from someone you know. Be in the habit of not accepting chain emails or jokes.

Phishing is a serious problem for everyone.  Gaining access to your online banking credentials is especially enticing for the potential $ big pay day $ for criminals. Criminals are constantly evolving and getting better at the game and security technology such as anti-virus and anti-malware isn’t fail proof. We need our customers to be diligent about watching for suspicious emails.  We believe our customers are a very important part of our security posture. If in doubt, don’t open it! 

<< Back to Security Alerts