Phishing Awareness Poster
Due to recent events (RSA’s SecurID breach), we thought it would be prudent to create a “phishing” awareness poster.
Wikipedia sums up the meaning of “phishing” best: Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social websites, auction sites, online payment processors or IT administrators are commonly used to lure unsuspecting individuals. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies.
To help you with your user awareness program, and to offer you a periodic reminder option, I have created the attached phishing poster that reminds users about the following:
- Don’t open any attachments that you are not expecting.
- Verify the authenticity of an e-mail or its sender.
- Confirm your authorization to perform actions requested in an e-mail.
- Don’t enter sensitive information on unsolicited websites.
- Never use your network login username / password on websites.
- When in doubt, don’t! Call your Information Security Officer or Network Administrator.
Here’s a security awareness reminder poster that you may print and either hand out to your employees or post in conspicuous locations: Gone Phishing!