RouteOne IDOne RouteOne's identity verification and authentication tool
RouteOne SecureDocOne RouteOne's electronic document storage tool
RouteOne Overview See an overview of RouteOne
View All How-to Videos
View and manage all deals and leads
Current Articles | RSS Feed
Phishing is a form of social engineering. Phishing attacks use email to solicit personal information by appearing to come from a trustworthy company or organization. For example, an attacker may send an email that appears to be from a major credit card company, financial institution, or someone you know. The email will often ask the user for personal information such as user ID and password or provide a link to a bogus website (which appears to be a valid website) asking for the same information. Phishing attacks may appear to come from other entities that take advantages of the following:
Natural disasters (e.g., Hurricane Katrina, Indonesian tsunami)
Epidemics and health scares such as H1N1
Economic concerns, IRS scams or bank failures
Major political elections
Holidays
NEVER provide anyone your user-ID and password, for any reason; RouteOne will never ask for this information, updates to the RouteOne website are accomplished through our software releases.
Do not give out employee or other information from unsolicited phone calls or emails. Verify where the caller is from and, ask for a name and phone number. Research the company and validate the person's employers. Valudate the phone number.
Never provide personal information or information regarding the company’s network unless you are certain that the person should have the information.
Never provide personal or financial information in an email or by clicking on a link.
Never click on a link in an email. Pay close attention to the URL; most will use a variation in spelling or a different domain (e.g., .com vs .net or .co vs .com).
Install and maintain anti-virus software, firewalls, and email filters to reduce some of the phishing emails.
Never leave confidential information in view of the general public. If you leave your desk, put papers in a locked cabinet and lock your computer.
If you think that you might have revealed sensitive information about the organization or the employees, report it to the appropriate person within your organization. Immediately change all passwords for each logon account. Consider reporting the event to the police and file a report with the Federal Trade Commission (http://www.ftc.gov/).
Social engineering is generally a hacker’s clever manipulation of the natural human tendency to trust. The hacker’s goal is to obtain information that will allow him/her to gain unauthorized access to a valued system and the information that resides on that system. It is also used to gain access to a physical area where confidential information is kept in paper form.
Security is all about trust. Trust in protection and authenticity. Social engineering preys upon the natural human willingness to trust and accept someone at his or her word; this leaves many of us vulnerable to attack and is generally agreed upon as the weakest link in the security chain.
Spyware refers to a category of software that when installed on your computer may send multiple popup windows, redirect your browser, or monitor the websites that you visit. There are invasive versions of spyware that may record your keystrokes (called key loggers) and will capture your sign-in credentials for sites that you have access to.
The following symptoms may indicate that you have downloaded spyware and it is installed on your computer:
You are getting endless pop-up windows
You type in a web address and get re-directed to a different website
New unexpected tool bars are in installed on your browser, or new icons appear in the task tray on the bottom of your screen
The search engine you use opens a different browser or page than what was intended
Certain keys do not work in the browser (e.g., tab key doesn’t work moving field to field)
Random windows error message, begin to appear
Your computer suddenly seems very slow when trying to open documents or programs
Don’t click on any links within a pop-up window. To close such a pop-up window click the X on the title bar instead of “click here to close.”
Choose no or close the pop-up if an unexpected dialog (pop-up) box appears asking if you want to run a particular program or perform another type of task. Always close the dialog box by clicking the X on the title bar; if that is not available, answer no or cancel.
Be wary of free software downloads. Many sites offer customized toolbars or other features. Never download software from a site you do not trust; you may be exposing yourself and your computer to spyware by downloading free software.
Don’t follow email links claiming to offer anti-spyware software – like email viruses, this may service the opposite purpose and will install spyware on your computer.
Run a full scan on your computer using the anti-virus software that you or your network engineer has installed on your machine.
Keep your anti-virus software current by downloading updates from their site (e.g., Norton or Symantec)
Run a legitimate product designed to detect and remove spyware.
Make sure your anti-virus and anti-spyware software is compatible with each other.
For more information on Social Engineer, Phishing, Spyware and other security threats please visit the United States Computer Emergency Readiness Team at http://www.us-cert.gov/cas/tips/
RouteOne IDOne RouteOne's identity verification and authentication toolRouteOne SecureDocOne RouteOne's electronic document storage tool RouteOne Overview See an overview of RouteOne