Tag - Phishing

The first steps for the North Macedonian CIRT: Interview with Prof. Sonja Filiposka

The CIRT of the Faculty Computer Science of the University of Skopje was founded 2.5 years ago as the result of a cybersecurity exercise which brought to light the need to raise cyber security awareness and coordinate the response to potential cyber security attacks. The CIRT’s objective is to raise awareness among students and within the faculty. Students tend to focus primarily on their assignments and their results, less on security. The CIRT aims to underline the importance of all...

Read More

Phishing in the COVID emergency: corporate defence strategies

By Nicla Ivana Diomede, Chief Information Security Officer at the University of Milan What is Phishing? Phishing is a type of fraud aimed at illegally stealing confidential information such as login credentials (username and password), credit card numbers and so on. Email is the main attack vector, but text messages, chat and social media can also be used. In general, the fake sender presents himself/herself as an authoritative subject (e.g. bank, Administration, IT Service Managers, Directors)...

Read More

From phishing to CIRT: How the first academic CIRT was established in North Macedonia

By Sonja Filiposka and Anastas Mishev, respectively head and former head of FINKI CIRT Nowadays phishing attacks are one of the most notorious and dangerous threats to any organisation. It is estimated that the financial impact of phishing attacks could reach up to 5 billion dollars per year. Due to their wide-spread nature and impact, awareness raising for such malicious activities is one of the major cyber security measures. Human nature is what makes such attacks possible. Based on the...

Read More

Simulating phishing to raise user awareness

By Maria Sole Scollo, IT security expert at Consortium GARR Even if phishing has been for many years now a well-known illegal practice, asking people for their sensitive information is still the most effective way for cyber criminals to get them. A good part of the spam we receive is still today sent by compromised addresses through phishing campaigns, which more often than not are customised to better fit the intended target, and still today security experts are asked about the possible...

Read More

Demystifying phishing – Part 2

Continues from Demystiphying phishing – Part 1 By Damien Mascré, David Verdin, Laurent Aublet-Cuvelier (RENATER) Phishing aims to steal your secrets. Actually, it is even more malicious than that; it is designed to make you voluntarily hand over your secrets. A bit like a burglar asking you to deliver your furniture to a specific address. Presented like that, it might be said that the approach is unlikely to be successful, yet phishing is still on the rise. Why on earth is it successful...

Read More

Demystifying phishing – Part 1

By Damien Mascré, David Verdin, Laurent Aublet-Cuvelier (RENATER) On the list of the many issues inflicted by emails, phishing appears to be social disease: rare, shameful and unfortunately fatal. Phishing occurs when a message appears to come from one sender when in fact it has come from another. Posing as a trusted third party, the hacker will use the opportunity to steal financial or strategic information. Spam is a problem generally, but phishing exacerbates the issue; it erodes the trust...

Read More

Phishing: how our university is dealing with this challenge

By Hendrik Höcke, IT security officer at the Zurich University of the Arts Whether with dynamite or a spear, phishing is a huge challenge for the Zurich University of the Arts (ZHdK). Currently, we reject more than half of the e-mails we receive every day, and the trend is rising. Of course, not all of them are phishing messages, but a serious separation from spam, scam and phishing mails etc. is hardly possible. Technical measures Sender Policy Framework (SPF) profiles and blacklists are used...

Read More

How Security Awareness can aid our fight against phishing

In the current climate we live in with many of us working remotely or from home, the importance of security awareness has increased drastically. It is known and has been publicised that much of cyber risk can be associated with a potential lack of a security aware culture. An Irish Times newspaper article in September 2020 described how human error is a major driver of cyber incidents and the financial losses around them – which accounts for 95% of all breaches. By Louise O’Sullivan, ICT...

Read More

Building trust to stop phishing

In 2020 we cannot doubt the threat posed by phishing; we could spend so much time trying to size the risks for our organisations and society. I am not even sure I could give an accurate estimation of this risk. There is so much unknown. However, for many of us, being targeted by phishing cyber attacks is now part of our typical day or week. By Emmanuel Nicaise, cyber security consultant with Approach and researcher at the Université libre de Bruxelles (ULB) The GÉANT network connects 50 million...

Read More

How to recognise phishing emails

By Roberto Cecchini (INFN – GARR) What is phishing? Phishing is one of the many social engineering techniques used to deceive users. It is a type of fraud used to obtain sensitive information from a person or a firm, such as passwords and credit card details. The perpetrators, using electronic communication – typically email, instant messaging or text messaging – disguise themselves as a trustworthy entity, like a bank, a lawyer or a colleague and invites the users to give their personal...

Read More
Skip to content