Reminder: Phishing threats require constant vigilance  

A recent report about internet security threats found that reported breaches increased by 22 percent last year, with the health care industry ranking second to business services in the number of incidents.

The report also found that for the health care industry, one in 4,375 emails were phishing attempts. That number might not sound too bad, but think of the number of emails you receive during a given week. Now think of the number of employees we have. Start to see the scope of the problem?

Phishing is everywhere

Defined as any attempt via email to get a person to reveal confidential data for the purpose of committing fraud, stealing money or trespassing on computer systems, today Phishing is a term synonymous with online fraud.

Over the years, the most common attempts have become cultural in-jokes: the Nigerian prince scam, the Foreign Inheritance trick, the Start-Up-Pay-Off scheme. Unfortunately, not all attempts are so blatant.

According to Augusta University Chief Information Security Officer Walter Ray, the best Phishing scams are the ones that feel “safe.”

“The most sophisticated phishing attempts closely mimic our own login pages,” Ray said. “They use our logo, they use the legal language displayed on all of our pages and they even reference the correct number for our Information Technology (IT) Help Desk.”

According to Ray, in the wake of previous attacks, victims of Phishing scams usually couldn’t pinpoint the moment they’d given away their information.

“People don’t always remember providing their username and password in a phishing attack because nothing stands out to them,” Ray said. “The scam site looks just like the site they’re logging into every day.”

Falling prey to such an attack can be frighteningly simple. But Ray cautions there are ways to avoid becoming a victim.

The first is learning to spot the “hooks.”

“Generally, if you aren’t expecting a link or an attachment from someone, you should always be suspicious of receiving one” Ray said. “One way hackers try to bypass that suspicion is by creating a sense of urgency in the message, saying you’ll lose access if you don’t act or provide your information quickly.”

Another method involves creating a false sense of security, such as posing as a member of the institution using an outside email address for convenience.

“If the link takes you to a non-Augusta University related website, that should be your biggest clue that something is wrong,” Ray said.

The second trick is knowing who to trust.

“No one from the IT Help Desk will ever ask for your login credentials over the phone or via email to help you resolve an issue,” Ray said. “We also don’t use pop up messages telling you to call the Help Desk on any of our webpages.”

The third technique is by far the simplest: be vigilant when inputting your username and password and report suspicious activity by sending an email to stopspam@augusta.edu or security@augusta.edu or by calling the IT Help Desk at 706-721-4000.

“Your password is considered one of the most sensitive pieces of information you’re going to deal with at Augusta University, because that’s your key to the kingdom, so to speak, that’s going to get you access to our systems,” Ray said. “Always maintain a high level of vigilance and report anything suspicious.”

Like
Like Love Haha Wow Sad Angry
Staff
Written by
Staff

Augusta University Staff is a collection of talented writers, photographers, students and professionals; all working together to promote and support the amazing impacts and every day wins of Augusta University and the people that make up JagNation.

View all articles
Staff Written by Staff

Jagwire is your source for news and stories from Augusta University and AU Health. Daily updates highlight the many ways students, faculty, staff, researchers and clinicians "bring their A games" in classrooms and clinics on four campuses in Augusta and locations across the state of Georgia.

Read on for stories of innovation in education and health care, opportunities at the center of Georgia’s new cybersecurity hub, and experiential learning that blends arts and application, humanities and the health sciences.