IT Trenches

Mar 30 2010   12:20PM GMT

Infosec Awareness Training – Phish or no-Phish



Posted by: Troy Tate
Tags:
infosec
infosec awareness
phishing
security education
social engineering
ssl certificates

In every employee meeting where I have an opportunity to speak about information security, I bring up the topic of phishing. Phishing is one of the biggest threats in information security today. Social engineering seems to be more prevalent, and harder to detect, than ever and we all have to be vigilant to protect ourselves and others. I say protecting others – by this I am referring to those social engineering attacks which result in a system getting compromised with a bot that then attacks other systems.

However, I digress from the purpose of this posting. I was recently made aware of a good phishing awareness education website. Even though the website is an advertisement by Verisign, it still has a good message for the general consumer and computer user population. The website presents 5 good websites and 5 phishing websites. The visitor is requested to decide which is the real website and which is the phishing website. It’s not easy to determine in some cases. In fact, the phishing websites get “better” as you go through the quiz. The quiz runs a second time though the 5 websites using Verisign “Extended Validation SSL” certificates on the good sites. TIP: watch for the green address bar. I would recommend that you take a few minutes, run through this quiz yourself and see how you do. Share the quiz with co-workers and family members. Visit Verisign’s Phish or No-Phish quiz and see how you do.

Folks, phishing is a real threat. The “bad” websites are getting “better” every day. Education, awareness and attention to detail may be the only way you prevent being directly affected by this threat. Thanks for reading & let’s continue to be good network citizens!

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: