Page 29 - NYS_ESS_01-2023
P. 29
VIII. Pass the Gavel
(each attendee is invited to give an update on their regional activities, news,
concerns, personal comments, etc.)
Bob Marvin – Northern – elections were held at the October meeting. We have recently been made aware of email scams targeting
Owen Littlefield President; Gregg Pawlowski Vice President; Dan Marvin our association. We wanted to inform you of a common cyber-
Treasurer; Aaron Padden Secretary, Robert M. Marvin, Jr. Designated attack that everyone should be aware of called “phishing”.
Director to NYSAPLS BOD.
Howard Lyndaker – Black River – Scott Allen attended their last meeting “Phishing” is the most common type of cyber-attack that
to discuss Minimum Technical Standards. Next meeting will be meeting affects organizations like ours. Phishing attacks can take many
December 8th. forms, but they
Scott Gillis – Nassau Suffolk – working on schedule for next meeting. all share a common goal – getting you to share sensitive
Doug Reith – Central – next meeting is Dec. 1st. Hoping to elect new information such as login credentials, credit card information,
officers. The regional is growing. or bank account details.
Owen Littlefield – Northern – next meeting is December 8th Although we maintain controls to help protect our networks
Brian Skalman – Niagara Frontier – Thanked Roy for attending their last and computers from cyber threats, it’s important everyone is
meeting to discuss Minimum Technical Standards. Amber and Ken Stigner on the look for suspicious emails.
will be attending December 8th meeting to discuss conference. Niagara We’ve outlined a few different types of phishing attacks to
Frontier is the host regional for 2023 Annual Conference. watch out for:
Brie Meisler – Eastern – Jim Vianna was to talk on Minimum Technical
Standards at last meeting but Jim got sick, so rescheduled for their March • Phishing: In this type of attack, hackers impersonate
meeting. Brian Magee stepped in and gave a presentation on DOT record a real company to obtain your login credentials. For
plans and appropriation maps. example, they could send an e-mail asking you to verify
John Abruzzo – Long Island – Jason Larson and Dan Weaver attended your account details with a link that takes you to an
their last meeting to discuss MTS. John asked Jason to pass along imposter login screen that delivers your information
information on City Tech’s geomatics program in hopes that Farmingdale directly to the attackers.
State College can start a similar program. • Spear Phishing: Spear phishing is a more sophisticated
Gerry Emborski – attending as a guest member. phishing attack that includes customized information that
Jason Peterson – Eastern – Discussed Soldiers to Surveyors Program, makes the attacker seem like a legitimate source. They
which Jason started. Discussed a Vets internship program that is may use a familiar name and refer to NYSAPLS or your
currently available. local Regional in the e-mail to trick you into thinking they
Dan Weaver – Nassau Suffolk – presented MTS at their last meeting with have a connection to you, making you more likely to click
Jason Larson. a link or attachment that they provide.
Jason Larson, Ken Stigner, Bill Eggers, Patti Brooks, Tim Massi – no • Whaling: Whaling is a popular ploy aimed at getting you to
further report transfer money or send sensitive information to an attacker
Jeremy Thompson – belongs to both Northern and Black River. They via email by impersonating a real NYSAPLS or Regional
scheduled their next meetings on the same night (December 8th). Which officer or board member. Using a fake domain that appears
meeting will he attend?? similar to ours or the regional’s, they look like normal
Greg de Bruin – mentioned that his sister sent him info on an Amsterdam emails from people you know and ask you for sensitive
positioning system that is supposedly more accurate than GPS (10 cm) and information (including usernames and passwords).
works in urban areas (urban canyons) – presumably uses cellular or other
land based signals. Best Practices to Avoid Phishing Schemes
Nicole Kalicicki – Mid-Hudson – trying to schedule someone from MTS Do not click on links or attachments from senders that you do
Committee to come to their next meeting. not recognize.
President Garfinkel – reiterated his appreciation for everyone’s enthusiasm • Do not provide sensitive personal information (like
and great ideas. usernames and passwords) over email.
IX. Upcoming Board of Directors Meetings • Watch for email senders that use suspicious or misleading
Tuesday January 17, 2023, 6:30 PM at Turning Stone Resort & Casino domain names.
(Cypress ABC)
How to Report a Phishing Scheme
Without objection, the meeting was adjourned at 5:03 PM. Forward any phishing attempts to the following
two organizations:
Respectfully submitted: 1. The Anti-Phishing Working Group at
Scott B. Allen, LS – Secretary reportphishing@apwg.org
2. The Federal Trade Commission (FTC) at
ReportFraud.ftc.gov.
Note: If you ever receive a phishing text message you should
forward it to SPAM (7726).
Thanks for helping to keep our members safe
from these cyber threats!
EMPIRE STATE SURVEYOR / VOL. 59 • NO 1/ 2023 • JANUARY/FEBRUARY 27
