��ū�컨��

00:12

I’m here with Jeanette Okinczyc the manager of Security Operations for the University of Alaska system OIT. Today we’ll discuss the realm of phishing attacks; exploring essential strategies to detect and counteract these cyber threats.

00:20

How to recognize phishing attempts:

When it comes to identifying phishing attempts it’s crucial to understand that phishing succeeds because we’re human beings, and that we are all at risk for becoming victims of a cyber attack. My advice is for people to know that they can always take the time to verify, trust their gut instincts, and when something doesn't seem right, pause and reconsider.

Phishing preys on our vulnerabilities, but by being proactive and cautious, we can significantly reduce the risk of falling victim to these deceptive tactics. If you suspect a phishing attempt, please mark it as phishing in the Google interface. This sends a message to the security operations team so they can assess whether the circumstances warrant warning other employees to be on the lookout for parallel attempts. And if you’re not a Google user, please forward the email to ua-phishing@alaska.edu. 

01:51

Motives behind phishing attempts:

Let’s explore the aim of phishing attempts. Phishing has diverse objectives including stealing sensitive information, financial gain, and gaining unauthorized system access. Recognizing these motivations is crucial for better protection.

Phishing aims to steal sensitive information, enticing individuals to disclose personal details. This requires a cyber security culture emphasizing security measures, user education, and constant vigilance. Financial gain is another motivation prompting caution when faced with requests for financial information. Strengthening financial cyber security defenses is vital.

Phishing also targets unauthorized system access, demanding a comprehensive defense strategy with regular updates, robust password policies, and employee training. Understanding these motives helps tailor defenses fostering resilience against cyber threats.

2:57

Examples of various phishing methods:

Phishing is not limited to just email, it can manifest through phone calls, text messages and other channels. For instance deceptive emails may contain malicious links or attachments, and phone calls can be impersonations of trusted entities, and text messages might attempt to trick you into divulging sensitive information. Being aware of these methods empowers our employees here at the University to stay vigilant across different communication channels.

Phishing is a pervasive threat that exploits human tendencies. By stressing verification, intuition and caution, we can thwart phishing. Stay informed, be proactive, and we can reduce the risk of falling victim to these cyber threats.

Feel free to contact OIT Security Operations at 907-450-8900 for more information.