Awareness education is key to teaching how to identify the emotional triggers in a spear phishing email.
FORBES: As Neighborhood Watch For The Web, Google Now Flags Nearly 10,000 Dangerous Sites Daily
The phishing email in question appeared to come from the email account of another AP staffer, with a request to click a link to a "very important" article on the Washington Post website.
BBC: AP Twitter account hacked in fake 'White House blasts' post
Despite high-profile examples of internet security breaches, such as the recent incident of phishing email scams, 76% of the survey group thought the internet was a safe place "as long as you know what you're doing".
Many highly publicized attacks have been based on a tactic called "spear-phishing, " where email users are tricked into opening a legitimate-sounding message that contains code called malware that lets attackers penetrate corporate networks.
Some users criticised Twitter's email, suggesting it looked like a "phishing scam" - a message that impersonates an official email in an attempt to trick users into giving up personal details.
They have not been able to establish how exactly the hackers broke into the system, but believe it may have been through a so-called spear-phishing attack, where an employee clicked on an email or link containing malicious code.
This action follows a February attempt to exploit my name and my book as part of a spear phishing attack launched at .mil and .gov email accounts (see here and here), but this is not a new focus area for me or for my GreyLogic colleagues.
FORBES: ZeuS Criminals Run A "Poisoning The Well" Attack Against IntelFusion And GreyLogic
But in response to what is believed to be a phishing-style attack - where fraudsters attempt to obtain information such as by email - the company has been directly calling some of its customers.
That's a bad idea: Many personal email services do not offer the same sort of protection against malware and phishing that employees get at work.
Phishing is a scam where criminals attempt to steal your financial information through the use of email or a fake website.
应用推荐