Thursday, April 10, 2014

Don’t believe everything you see

Mmmmmmmm… Yummy! The apple pie on the picture looks good, right? Have you already started to salivate? Well you’re in for a disappointment when you find out that is not edible. A bit of wax here, a bit of gelatin there, some painting and… Here you are! An irresistible apple pie, but only for the eyes. 
We could say that tricks used by photographers and publicists to delight and seduce us have certain similarities with the baits used by cybercriminals to get our confidential data or to infect us with malware, among many other things. Phishing is an crucial technique for their strategy. For instance, banks are used as bait in 62% of financial phishing attacks in Spain, according to Kaspersky Lab, a company that in 2013 blocked 300 million of such attacks worldwide.
But cybercriminals are also using Facebook as a platform where fool us. Lately it is spreading a post that allegedly linked to a video of a person falling from the top of Victoria Falls while trying to capture a ‘selfie’. But in reality, it is nothing more than a hook to make the user who wants to see the video to install malware.
All this leads us to consider whether, when the time comes, we are prepared and informed enough to avoid falling into the tricks of these hackers. Security training has become a key policy to prevent such incidents in the corporate environment. However, according to a survey conducted by Enterprise Management Associates (EMA), 56% of employees (not related to security or IT departments) have not received any training in this field.
Then regrets for information leaks and security breaches will come, but on many occasions are a consequence of insufficiently informed and trained employees. In Canada, companies will have to be much more careful if the privacy bill they are working on is finally approved. Those organizations that suffer a security incident involving personal data breach and do not adequately inform the victims, could facefines of up to $100,000 per victim.
As an example, the last security hole in Flickr could have had similar consequences. The bug allowed an attacker to access the user’s private email addressEven though, Yahoo took two months to fix it!
Before concluding this article, we advise all of you working on cybersecurity and interested in the automobile industry that the third annual Battelle CyberAuto Challenge will take place in Detroit this summer. Topics on secure system design, secure programming, embedded systems and IT law and ethics will be discussed.
We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links


Post a Comment