Crypto locker

The coffee’s on Leslie – just in time for ‘phishing season’

 

The next time you see Leslie Gatner, Financial Analyst in Financial Services, the coffee’s on her. Gatner’s name was drawn to win the $25 Starbuck’s gift card for completing the online Phishing and Identity Theft course last month.

“We had a good response to the online course, but in my world, 100% completion would be ideal,” says Kevin Vadnais, IT Services Information Security Manager. He says he realizes it may not be realistic but it’s his goal nonetheless, especially with the holiday season looming.

“We’re coming into one of the busiest ‘phishing’ seasons with the upcoming holidays, so I would like to advise the University community to be vigilant.” Vadnais says the Christmas season logically lends itself to shipping scams by the bad guys. “Typically you will see emails from which you’re invited to download a .zip or .exe file that claims to have tracking information on a shipment. The email uses high-quality logos from companies like Canada Post, FedEx and UPS and, in addition, the grammar is far better than the usual phishing emails we see. Once the user clicks on the attachment, what it actually does is download malware on the user’s machine. The malware can contain a variety of threats: for example, Crypto locker is one that holds a computer hostage until a significant ‘ransom’ is paid, and there’s the threat of data theft. The bad guys can capture passwords when doing online banking, find personal data like social insurance numbers in tax returns, and both can lead to identity theft.”

As in all cases, Vadnais advises users to stop and ask themselves if it makes sense to simply click on an attachment, or go to the sender’s website instead to find tracking information. “Use common sense, if you’re not expecting a package, don’t click on a link that says you have one. One of the easiest clues is to hover your cursor over the link provided and compare it to what url shows next to it, or in the bottom of your browser. If it’s phishing or a malicious file, the destination in the link or image which pops up in the hover will not match what the browser text or image is showing. When that happens think twice about proceeding.”

URL hover image

 

 

 

Vadnais says the Information Security website is a good resource to check out if you’re wondering about an email. It contains some of the most current and common threats. He strongly encourages people to take the Security Awareness and Phishing and Identity Theft courses online, and more than once if required – just to refresh the memory. “They are excellent sources of information for everyone.”

Also contained on the site is a form users can complete to report a phishing attack. “The phishing messages we’re concerned about are those that appear in our inboxes, or slip by filters without the ***PHISHING MESSAGE*** alert in the subject line. We can take a lot of those sites down if we report them to the company whose image is being falsely used and alert organizations when we see one of their accounts being abused. This provides us an opportunity to take preventative measures to stop our accounts from being compromised.”

For more information, or to arrange a security session for your unit or department, please contact Kevin Vadnais at kevin.vadnais@uleth.ca.