Ο Μήνας Κυβερνοασφάλειας συνεχίζεται και το θέμα αυτής της εβδομάδας είναι “Αντισταθείτε στο Ψάρεμα”. Α, ναι, η νέμεση για τον κόσμο της κυβερνοασφάλειας - η πανταχού παρούσα και η εξαιρετικά αποτελεσματική επίθεση ηλεκτρονικού ψαρέματος (Phishing).
According to report Internet Crime Report 2020 του FBI, πέρσι το ηλεκτρονικό ψάρεμα είχε τα περισσότερα θύματα από όλα τα εγκλήματα στον κυβερνοχώρο στις ΗΠΑ. Δυστυχώς, ορισμένα από τα θύματα ήταν παιδιά.
ESET cybersecurity experts give some basic strategies that parents can follow to help their children avoid falling victim to the next attack phishing. For those of you who want to learn more about "child and Internet safety" you can visit the ESET saferkidsonline site.
But what exactly did we say is e-fishing?
"Phishing" is a disastrous method of cyber-attack based on "social engineering". The following is a brief definition of e-fishing by our Phishing.org colleagues:
"The electronic fishing is a cybercrime in which one or more targets are accessed via email, telephone or text message by someone pretending to represent a legitimate entity to entice individuals to disclose sensitive data such as personal information, bank and credit card information and passwords. ”.
One of the most common examples of phishing is an email that appears to have been sent by a bank but actually leads users to malicious URLs in an attempt to extract their personal information.
How to talk to your kids about e-fishing
As our friends at the National Cybersecurity Alliance suggest, it is important to explain to our children that they need to develop a cautious approach to digital communication. Children need to understand that an email, an SMS, an instant social media message, a phone call or a chat can be an e-fishing attempt. And most importantly, they must understand that it is the guards themselves who protect the gates from these attacks.
Of course, this is easier said than done. E-fishing has evolved and its perpetrators are capable of deceiving even the most careful adults, let alone children.
Η συμβουλή "σκέψου πριν κάνεις κλικ" μπορεί να αποβεί πολύ χρήσιμη. Μια άλλη προσέγγιση για τους γονείς είναι να εμφυσήσουν στα παιδιά τη νοοτροπία "ρώτησέ με πριν κάνεις κλικ ή το ανοίξεις". Αυτό θα πρέπει να ισχύει για κάθε απροσδόκητο μήνυμα που προέρχεται από έναν άγνωστο ή ακόμη και από κάποιον γνωστό σας.
Tips for Detecting an Fishing Attack
If we are to allow our children to spend time in front of the screen and have the responsibilities of a "guardian", we must show them how to detect cyber-fishing attempts.
Here, the word "show" is the key word, as the simple explanation of attacks phishing (and their consequences) is not enough.
In the educational video Protect yourself from Phishing (Stay Safe From Phishing), for example, Google uses a "robber" character to get the point across.
You can show children all the different places these "robbers" go to "fish" their victims, perhaps by creating and printing a list of "places we do not click on things we receive from strangers".
This list might include, for example:
• Email
• Text messages
• Messages to Facebook, Instagram, TikTok and Twitter
• Whatsapp
• Online gameα
Με τον ίδιο τρόπο μπορείτε να δημιουργήσετε μια λίστα "ΣΤΑΜΑΤΑ! ΜΗΝ ΚΑΝΕΙΣ ΚΛΙΚ!" για να την εξετάσετε με τα παιδιά σας. Αυτή είναι μια ευκαιρία να ενισχύσετε ορισμένα από τα προειδοποιητικά σημάδια που δείχνουν ότι ένα μήνυμα μπορεί να είναι απόπειρα ηλεκτρονικού ψαρέματος, όπως:
- It is not addressed to you by your name
- There are spelling mistakes and the formatting of the text is a bit strange
- The message contains attachments
- You do not recognize who the sender is
- The content is scary or makes you feel uncomfortable
- He asks for personal information
- Contains strange links
Finally, you can show your children a real example of an e-fishing attempt when you receive such a message yourself. It will certainly happen, and it is a good opportunity to present the risk of e-fishing much more effectively.
For more information on Cybersecurity Month you can visit: https://www.eset.com/us/cybersecurity-awareness-month/