Page 29 - NYS_ESS_09-2024
P. 29
local Regional in the e-mail to trick you into thinking they
local Regional in the e-mail to trick you into thinking they
have a connection to you, making you more likely to click
have a connection to you, making you more likely to click
a link or attachment that they provide.
a link or attachment that they provide.
• Whaling: Whaling is a popular ploy aimed at getting you to
• Whaling: Whaling is a popular ploy aimed at getting you to
transfer money or send sensitive information to an attacker
transfer money or send sensitive information to an attacker
W e have recently been made aware of email scams targeting via email by impersonating a real NYSAPLS or Regional
We have recently been made aware of email scams targeting
via email by impersonating a real NYSAPLS or Regional
our association. We wanted to inform you of a common cyber-
our association. W e wanted to inform you of a common cyber - officer or board member. Using a fake domain that appears
officer or board member
. Using a fake domain that appears
attack that everyone should be aware of called “phishing”.
attack that ever yone should be aware of called “phishing”. similar to ours or the regional’ s, they look like normal emails
similar to ours or the regional’s, they look like normal emails
-attack that
from people you know and ask you for sensitive information
is the most common type of cyber
“Phishing” is the most common type of cyber-attack that from people you know and ask you for sensitive information
“Phishing”
affects organizations like ours. Phishing attacks can take many (including usernames and passwords).
(including usernames and passwords).
affects organizations like ours. Phishing attacks can take many
forms, but they all share a common goal – getting you to share Best Practices to Avoid Phishing Schemes
forms, but they all share a common goal – getting you to share
void Phishing Schemes
Best Practices to A
sensitive information such as login credentials, credit card Do not click on links or attachments from senders that you
sensitive information such as login credentials, credit card
Do not click on links or attachments from senders that you
information, or bank account details. do not recognize.
information, or bank account details.
do not recognize.
Although we maintain controls to help protect our networks • Do not provide sensitive personal information
Although we maintain controls to help protect our networks
• Do not provide sensitive personal information
and computers from cyber threats, it’s important everyone is
and computers from cyber threats, it’ s important ever yone is (like usernames and passwords) over email.
(like usernames and passwords) over email.
on the look for suspicious emails.
on the look for suspicious emails. • W atch for email senders that use suspicious or
• Watch for email senders that use suspicious or
misleading domain names.
We’ve outlined a few different types of phishing attacks to
W e’ve outlined a few different types of phishing attacks to misleading domain names.
watch out for:
watch out for: How to Report a Phishing Scheme
How to Report a Phishing Scheme
• Phishing: In this type of attack, hackers impersonate a real For ward any phishing attempts to the following
• Phishing: In this type of attack, hackers impersonate a real
Forward any phishing attempts to the following
company to obtain your login credentials. For example,
company to obtain your login credentials. For example, two organizations:
two organizations:
they could send an e-mail asking you to verify your
they could send an e-mail asking you to verify your 1 . The Anti-Phishing W orking Group at
1. The Anti-Phishing Working Group at
account details with a link that takes you to an imposter reportphishing@apwg.org
account details with a link that takes you to an imposter
reportphishing@apwg.org
login screen that delivers your information directly to the
login screen that delivers your information directly to the 2 . The Federal T rade Commission (FTC) at
2. The Federal Trade Commission (FTC) at
attackers.
attackers. ReportFraud.ftc.gov.
.
ReportFraud.ftc.gov
• Spear Phishing: Spear phishing is a more sophisticated
• Spear Phishing: Spear phishing is a more sophisticated
Note: If you ever receive a phishing
phishing attack that includes customized information that
phishing attack that includes customized information that Note: If you ever receive a phishing
text message you should forward it
makes the attacker seem like a legitimate sour
makes the attacker seem like a legitimate source. They text message you should for ward it
ce. They
to SP
AM (7726).
may use a familiar name and refer to NYSAPLS or your to SPAM (7726).
may use a familiar name and refer to NYSAPLS or your
eying Engineering
Surveying Engineering
Sur
v
ec
T
Technology Education
y Educa
tion
hnolog
Join 300 other current surveying students at UMaine in
pursuit of your educational goals.
Now Offering:
Graduate & Undergraduate Certificates
Bachelor of Science (ABET accredited)
Professional Science Masters in Engineering and Business
MS in Engineering Technology (SVT Concentration)
UNDERGRAD $700 GRADUATE
$485 ONLINE TUITION
per credit TUITION per credit
100% ONLINE.UMAINE.EDU/SURVEYING
ONLINE!
EMPIRE STATE SURVEYOR / VOL. 60 • NO 5 2024 • SEPTEMBER/OCTOBER 27
