MCC Daily Tribune Archive

What is Phishing and Social Engineering?


Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity via email. This email may appear to be from a popular social web sites, auction sites, online payment processors or MCC IT HelpDesk to lure the unsuspecting user. Phishing emails may contain links to websites that are infected with malware, Trojans,or ransomware. Phishing is typically carried out by email spoofing or instant messaging and it often directs users to enter your information at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users. Social engineering, is the art of manipulating people into performing actions or divulging confidential information for the purpose of gathering information, fraud, or computer system access.

Folks—phishing is not going away. Phishing scams are increasingly including ransomware, and paying the ransom will only give the hackers incentive to keep phishing.  MCC filters over a 100,000 suspicious emails daily from entering our email system.  The problem is that the cybercriminals change their location every 24 to 48 hours making many of them impossible to detect until a rash of phishing emails has hit your inbox.

The best defense against phishing attacks is you. Stay tuned for future articles on how to identify phishing.

Donna Pogroszewski
Communications and Network Services
10/14/2016