RSA: Phish Me If You Can (Video)

Spearphishing. The deluxe (but easy) way to get unwary employees to put malware on your network. It’s basically the same as phishing, except more targeted. That is, a plain phishing scam might offer an unwary web-browsing employee a chance to see a famous starlet naked, while a spearphishing attack might purport to be an urgent request from your Bizzaro County office for 200 Kg of Unobtainium Oxide. Open that email, and… ZAP! So this is social hacking (cracking for the old-timers), and cannot necessarily be fought entirely by technical means. So how about setting up fake spearphishing attempts and immediately sending employees who fall for them to an IT security class with an emphasis on how to avoid phishing scams? You can do this yourself, possibly with help from a bright person or two from a nearby University. Or you can contact PhishMe or another anti-phish training company and have them help you teach spearphishing awareness to your people. Either way, every computer-using person in your company should know about phishing — and should know how to avoid getting hooked by phishers.

Share on Google+

Read more of this story at Slashdot.

via Slashdot http://it.slashdot.org/story/13/03/06/1721207/rsa-phish-me-if-you-can-video?utm_source=rss1.0mainlinkanon&utm_medium=feed

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: