Tag - CyberSecMonth

Building trust to stop phishing

In 2020 we cannot doubt the threat posed by phishing; we could spend so much time trying to size the risks for our organisations and society. I am not even sure I could give an accurate estimation of this risk. There is so much unknown. However, for many of us, being targeted by phishing cyber attacks is now part of our typical day or week. By Emmanuel Nicaise, cyber security consultant with Approach and researcher at the Université libre de Bruxelles (ULB) The GÉANT network connects 50 million...

Read More

Phishing: you win again

By Martin Waleczek, DFN-CERT Having an online existence has never been more rewarding. Almost daily someone wins the million dollar jackpot of a lottery and wants to share it with you, you get links to the best prices at the local pharmacy or online stock exchange and your IT department or bank kindly reminds you to change your expired password by clicking on a complicated link (again), that has been shortened for your convenience. Everyone wants to help you. But do they really? Phishing is the...

Read More

How to recognise phishing emails

By Roberto Cecchini (INFN – GARR) What is phishing? Phishing is one of the many social engineering techniques used to deceive users. It is a type of fraud used to obtain sensitive information from a person or a firm, such as passwords and credit card details. The perpetrators, using electronic communication – typically email, instant messaging or text messaging – disguise themselves as a trustworthy entity, like a bank, a lawyer or a colleague and invites the users to give their personal...

Read More

Phishing: Don’t get caught!

How to recognise phishing? What should you do with phishing mails? And what if you have clicked on a malicious link? Read our tips and tricks below and become a cyber hero! Tip 1 Phishing emails often contain a link to an external website. Never simply click on links in emails, always check the URL. You can do this by hovering over the link with the mouse. The domain name is the word before “.com”, “.org”, “.eu”, … and before the first slash. It must...

Read More

Hacking humans is easier than hacking machines

By Francesco Ficarola, Università La Sapienza, Rome Warning: picture ahead showing animal in distress  If you are reading this, then chances are that you have heard of Social Engineering (SE) at least once in your life. Perhaps, right now, you are thinking “how do I influence my boss to get a raise?”. Yes, don’t worry, I won’t tell him about your plans. Many of us are not satisfied with our salaries. So, that could be a good reason to “hack” a person, right? Seriously, you shouldn’t, just ask...

Read More

Usurp, Manipulate, Exploit

By Christine Glaser, Communications and Marketing Manager, Restena Foundation, with the contribution of Jean-Paul Weber, Security Engineer, Restena Foundation  Any company or institution may one day be faced with social engineering attacks. For example, searching for waste or for poorly protected access to a building, or – above all – manipulating people are just a few of the techniques that illustrate social engineering’s complexity and diversity. Social engineering is an art in...

Read More

It’s now or never! – and it never is as expected

By Simona Venuti, security manager at the GARR-CERT ‘When it’s time to talk about social engineering it’s difficult for me to decide from where to start, because it is everywhere around us. The definition of social engineering is “the psychological manipulation of people into performing actions that they wouldn’t normally do”. And this happens over and over again, every day.’ Every mum tries to convince her children that broccoli is much tastier than...

Read More

The many ambiguous faces of social engineering

By Silvia Arezzini, systems engineer and project manager at INFN (Italian National Institute for Nuclear Physics) “The problem of social engineering has always interested me because it shows the intertwining of technical and human aspects. Social engineering brings together a number of techniques aimed at inducing people to provide personal information, such as passwords or banking details, or to allow access to a computer to secretly install malicious software.” One of the best...

Read More

When the sender is not who we think they are

By Bruno Vuillemin, Security Officer of the University of Fribourg Sometimes a very simple fraud can cause a great deal of trouble. Whenever you receive and read an email, the sender might not necessarily be the person sending the message! In fact, most smartphones do not display the sender’s “real email address”, but rather what is called the “person’s name” field. Depending on the software used, this field can be filled in by the users themselves, with no...

Read More

Social Engineering – Don’t let hackers manipulate you!

Social engineering is the act of manipulating or tricking people into certain actions, such as giving out personal or financial information that can be used to commit fraud. It’s an act, but also an art; social engineers are very good at influencing victims through their emotions, for example by pretending to be someone in need of help. They may also pretend to be an authority figure. Or evoke curiosity through news on current events. Or offer a discount with limited availability. Their tricks...

Read More
Skip to content