Social Engineering

Beware of Social Engineering Attacks

Phishing

Phishing Spear Phishing

Phishing is where the attacker sends a seemingly legit email to you, instructing you to share info, click links or download attachments that install and spread malware. The email tricks you into believing a legitimate business wants your data and threatens you for non-compliance.

Spear Phishing

Spear Phishing Target

Spear phishing is also known as "Tailored" phishing. The attacker may use your full name, username and other personal information. Crooks know that if you get an email from a friend, your bank or a familiar company, you will likely trust it.

Social Attacks

Social Media Icons

Cybercriminals flock to social media for information about their victims. You may be attacked by someone who looks like a friend sending you a special deal. Robbers use social media to find out when you are away from home. Be careful when you "check-in" to places you go for dinner and especially vacations.

Baiting

Baiting

Baiting happens when an attacker leaves a malware-infected physical device, such as a USB flash drive, in a place that is sure to be found. The victim picks up the device, and, out of curiosity, loads it onto his or her computer, unintentionally installing the malware.

Scareware

Scareware

Scareware involves tricking you into thinking your computer has a virus. The attacker then offers a solution that will fix the bogus problem. In reality, if you download it you are installing the attacker’s malware.

Ransomware

Ransomware

Ransomware is a type of malware that restricts access to the infected computer system in some way, usually by encrypting the files, and demands that the user pay a ransom to the cybercriminals to get the files decrypted.

Are You a Victim?

  • If you believe you might have revealed sensitive information about Lamar University, contact us! Always report suspicious or unusual activity.
  • If you believe your financial accounts have been compromised, contact your financial institution immediately, and close any accounts that may be compromised. Watch for any unexplained charges to your account.
  • Immediately change any passwords you might have revealed. If you use the same password for multiple accounts, make sure to change it for each account, and do not use that password in the future.
  • Find out what you need to know about business Identity Theft.
  • Find out what you need to know about personal Identity Theft.

Defend Yourself!

  • Companies you do business with should never ask for your account information, credit card numbers, passwords, or any other personal information in an email or phone call. If you have questions about an email you receive, call the company directly using contact information from their official website.
  • Do not give out personal or financial information from an unsolicited email or phone call you receive.
  • Protect your computer with anti-virus software which detects and removes malicious software (malware).
  • Lock down privacy settings on your social media accounts. Do not put personal information on these accounts. Make sure you are making information available only to those you wish to have it.
  • Pay attention to the URL of a website. Malicious web sites may appear legitimate, but the URL may use a variation in spelling or a different domain.
  • Finally, and most importantly, use common sense. A healthy dose of skepticism goes a long way. Verify information. Contact the claimed source. Stop and think about what is being asked of you.