Opinion: Students should know the difference between spam and phishing | #emailsecurity | #phishing | #ransomware


Graphic by Francisco Wang

Over 54 billion spam calls were received by Americans in 2020. The average American received about 200 spam calls and 264 spam texts throughout that year. The sheer amount of unwanted communication toward one individual is staggering, and it is steadily increasing as technology grows and attackers find new ways to target their victims.

Spam is unsolicited electronic communication from a source that sends repetitive information to a victim. The information that resides in spam is mostly advertisement-based and does not warrant any threat toward the recipient unless they choose to click on links or download files attached to the spam message. This may unfold into other attacks such as Trojans and Ransomware.

Meanwhile, phishing is a form of electronic malicious content sent by someone referred to as a “cybercriminal,” who impersonates a legitimate source and lures users into a sense of safety to achieve a goal. Once this relationship has been established between the cybercriminal and the victim, the next steps are to guide the victim into providing any sensitive information that they can possibly retrieve. If you have ever encountered emails that guarantee a set amount of money, a new piece of electronic equipment, or a vehicle, these would be ways in which phishers would positively reinforce the victims into releasing sensitive information. Their goal, generally, is to persuade the victim into providing them with personal and sensitive data and credentials.

Spam and phishing differ in the way in which they are generally used in today’s technological climate. Cisco defines spam as being generally used for commercial purposes. In this case, companies all around the world utilize spam communication to push out many forms of advertisement at a very low cost. Cisco also reported that what makes phishing a unique entity from spam is that it is specifically and meticulously designed to target an intended individual or group who puts in a lot of effort to make the phishing message as authentic as possible.

Although spam is not necessarily as dangerous as phishing, be mindful of both forms of communication. Do NOT click on any suspicious pieces of data such as hyperlinks or downloadable attachments. To prevent yourself from being phished:

  • Verify the authenticity of the sender. Whenever you receive a suspicious email that looks even remotely authentic, verify that the email address that sent the email is one that you know of.
  • This may not always be a concrete solution, as many phishing attackers hack authentic email addresses to further prove their validity.
  • If the email address looks to be the one that you know, get in contact with the sender, preferably through other means of communication, and ensure that they are the ones that sent you the email.
  • Do NOT download any attachments or click on any links. The attacker will utilize tools like links or downloadable content for the victim to click on. Usually, these downloads or links are embedded with malicious software that will steal information from you, deny you the use of your devices or accounts, and even threaten you with a ransom that you must pay.
  • Use security software. Your devices will generally come with a basic form of security software from the manufacturer, but there are many great third party software companies that provide extensive protection to your devices such as BitDefender, McAfee, and Norton.
  • Use Multi-Factor Authentication (MFA). Although this can be a tedious step in your login processes, you will essentially use MFA to add an extra level of verification that attackers cannot obtain.
  • Backup your data. Always have a backup of your information no matter what you do. Attackers may get ahold of your data and encrypt—leaving you helpless. Using software like OneDrive and iCloud will ensure you will have access to your data.

Resources

Belcic, Ivan. What Is Spam: The Essential Guide to Detecting and Preventing Spam, Avast, 7 Sept. 2021, https://www.avast.com/c-spam#gref.

Holten, Shane Von. “Common Spam and Tips to Avoid.” South Slope Cooperative Communications, 8 Oct. 2020, https://www.southslope.com/company/blog/four-common-types-of-spam-and-tips-to-identify-them/.

“How to Recognize and Avoid Phishing Scams.” Consumer Information, Federal Trade Commission, 18 Oct. 2021, https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams.

KnowBe4. “What Is Phishing?” Phishing, KnowBe4, Inc., https://www.phishing.org/what-is-phishing.

Moody, Rebecca. “The State of Spam in the US: Report and Statistics.” Comparitech, Comparitech, 5 Oct. 2021, https://www.comparitech.com/blog/vpn-privacy/spam-statistics/.

“Phishing Attack Protection Solutions.” IBM, https://www.ibm.com/security/phishing.

“Spam vs. Phishing: What Is the Difference?” Cisco, Cisco, 3 Nov. 2021, https://www.cisco.com/c/en/us/products/security/spam-vs-phishing.html#~how-they-work.Wittmeyer, Greg. “Spam: What You Need to Know.” Gammadyne Corporation, Gammadyne, 1 Jan. 2010, https://www.gammadyne.com/spam.htm.

The opinions on this page do not necessarily reflect those of The Sandspur or Rollins College.

Have a differing or additional opinion? Send us your response. We want to hear your voice.



Original Source link

Leave a Reply

Your email address will not be published.

− one = 2