Fall 2017 issue of Horizons

Beware of Phishing Phishing is the easiest way for an attacker to enter your network because it exploits the weakest link in any organization’s cyber defense – the human element. In order to avoid being scammed, users should be trained to recognize the signs of a phishing attack. ∙ Grammatical mistakes and spelling errors - Illegitimate emails often contain spelling errors or grammatical mistakes. These could be signs that the email is fraudulent. ∙ Threats and urgency - Phishing emails often threaten the reader with revocation of account access or a time limit within which he or she must reply. ∙ Sender display name and email address mismatch - Cybercriminals will often use convincing display names to mask fake email addresses. If you receive an email from a bank, for example, and the email address is actually associated with a Gmail account, it is most likely fraudulent. ∙ Links to websites - Phishing emails will often include links to websites. Hovering the mouse pointer over these links can help indicate if it is illegitimate. ∙ Too good to be true scenario - Be wary of emails asking for financial data or bank account information. If an email from a potential donor offering a direct deposit if you provide the organization’s bank account sounds too good to be true, it probably is. Employee Training and Awareness Basic cyber security doesn’t have to be costly. Regardless of how much technology, third-party services or insurance an organization purchases for cyber security purposes, humans will always remain the fragile part of the defense chain. One misguided employee can still infect the organization by clicking on a malicious email link. Strengthening the weakest link with Common signs of a phishing email include:

education and training increases the cyber defenses of the organization overall. Making employees aware of an organization’s vulnerabilities will help increase security. If users understand how their organization can be attacked, they will better understand what precautions are required to protect it. Developing appropriate technology policies for employees and ensuring they are frequently communicated are essential as is periodic training to increase awareness. As technology continues to become even more critical to organizations’ fundraising efforts, taking necessary cyber security precautions is essential.

Fall 2017

43

Made with FlippingBook - Online Brochure Maker