
If you click on a link or open an attachment from a suspicious email, malware can be downloaded onto your computer. Malware is “malicious software” that can control your computer and access to all your personal data and/or all sensitive data within the organization you work for.
Social Engineering Threats
The threat is disguised as a member of your organization or one you know.
They will use an email address that is almost identical to the organizations email.
The intention of the email is to gain information or access information systems. The threat is looking for confidential information such as passwords, login credentials and personal information. They do this by fear tactics like intimidation, coercion, urgency or even befriending.
In detecting these attacks, your critical thinking and knowledge of organizational norms are crucial. They can help you determine if the communication is legitimate or a potential attack.
For example:
- Has the communication gone through correct distribution channels and copy appropriate individuals?
- Has the communication come directly from a senior leader? Is this unusual?
- Is the communication from a third party urgently requesting you provide information through an online form or pay something immediately?
- Does the communication request you send files to a personal email?
If a cyber criminal hacks your account, contact the Help Desk to let them know.
Do you have a cyber security question for IT – send it to help.desk@tbh.net and we will publish your questions and answers in early November.
