Page 31 - NYS_ESS_09-2022
P. 31
We have recently been made aware of email scams targeting
our association. We wanted to inform you of a common cyber-
attack that everyone should be aware of called “phishing”.
“Phishing” is the most common type of cyber-attack that
affects organizations like ours. Phishing attacks can take many
forms, but they
all share a common goal – getting you to share sensitive
information such as login credentials, credit card information,
or bank account details.
Although we maintain controls to help protect our networks
and computers from cyber threats, it’s important everyone is
on the look for suspicious emails.
We’ve outlined a few different types of phishing attacks to
watch out for:
• Phishing: In this type of attack, hackers impersonate
a real company to obtain your login credentials. For
example, they could send an e-mail asking you to verify
your account details with a link that takes you to an
imposter login screen that delivers your information
directly to the attackers.
• Spear Phishing: Spear phishing is a more sophisticated
phishing attack that includes customized information that
makes the attacker seem like a legitimate source. They
Save the Dates! may use a familiar name and refer to NYSAPLS or your
local Regional in the e-mail to trick you into thinking they
have a connection to you, making you more likely to click
a link or attachment that they provide.
NYSAPLS 64th Annual Conference • Whaling: Whaling is a popular ploy aimed at getting you to
January 18-20, 2023 transfer money or send sensitive information to an attacker
Turning Stone Resort & Casino via email by impersonating a real NYSAPLS or Regional
Verona, NY officer or board member. Using a fake domain that appears
similar to ours or the regional’s, they look like normal
emails from people you know and ask you for sensitive
information (including usernames and passwords).
Best Practices to Avoid Phishing Schemes
Do not click on links or attachments from senders that you do
not recognize.
• Do not provide sensitive personal information (like
usernames and passwords) over email.
• Watch for email senders that use suspicious or misleading
domain names.
How to Report a Phishing Scheme
Forward any phishing attempts to the following
two organizations:
1. The Anti-Phishing Working Group at
reportphishing@apwg.org
2. The Federal Trade Commission (FTC) at
Now Available at www.nysapls.org: ReportFraud.ftc.gov.
Exhibitor registration Note: If you ever receive a phishing text message you should
Journal advertising forward it to SPAM (7726).
Sponsor opportunities
Stay tuned... Thanks for helping to keep our members safe
Attendee registration to open in October! from these cyber threats!
EMPIRE STATE SURVEYOR / VOL. 58 • NO 5/ 2022 • SEPTEMBER/OCTOBER 29
