Information and system security is vital to every organization and individual. Throughout this course, I learned to identify different threats and also use commands to help see if a device or server is online or offline. With these commands, people with bad intentions can cause harm to an organization with a DoS (Denial of Service) or DDoS (Distributed Denial of Service). According to our textbook, a DoS attack is achieved by submitting vast numbers of access requests simultaneously to one target website, causing that site’s web server to be overloaded and thus preventing legitimate requests from being handled. A DDoS is a DoS attack that uses multiple computers against a target website (Vahid, 2019 Chp 8.8). To help with these attacks, an organization will implement defenses that detect and block requests from those sources before they reach the server.
Identifying computer security incidents is essential in protecting yourself and your organization. The two topics I have chosen are Email Spam and Phishing. Email Spam is unsolicited messages sent in bulk by email to trick potential victims into downloading malware, sharing data, or sending money. The most recent example is the ‘Nigerian Prince’ email scam, where someone impersonates a person and asks for help transferring money, promising a lot of money in return for the help. The recommendation to avoid these types of email spam is to add a third-party antispam filter to your email client. Another recommendation is reporting, blocking, and deleting suspicious emails in your inbox.
Phishing is an Internet scam that baits users into sharing sensitive information like a password or credit card number. Computer systems are vulnerable to this because phishing is common with emails: messages sent to users appear to come from known, legitimate organizations and try to get you to log into a fake website, whose server then stores the information you enter (Vahid, 2019 Chp 8.5). Attackers can use your information to compromise your accounts, because they will try to log into different websites to see whether you use the same username and password there. If an email comes in and you are suspicious of it, the recommendation is to go to the website directly to check whether there was suspicious activity on the account. By not clicking on the email and logging into the website directly, you can protect yourself from any phishing email. Another recommendation is to install security software on your computer because it can detect common malware in your system so your information will not be stolen. Also, it is recommended that you look at emails carefully because phishing emails are usually sent with misspelled words or use a different email domain than that of the organization they are posing as.
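The last check above (does the sender's domain, and the place a link really goes, match the organization the email claims to be from?) can be automated. The following is an added example, not part of the original post; the organization name, the `.example` domains, the allow-list and both sample messages are made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed allow-list: organization name -> domain it really uses (made-up values).
TRUSTED = {"example bank": "examplebank.example"}

# Constructed sample messages, not real emails.
PHISH = """\
From: "Example Bank Support" <alerts@examplebank-secure.example>
Subject: Verify your acount
Content-Type: text/html

<p><a href="http://login.examplebank-secure.example/verify">https://www.examplebank.example/login</a></p>
"""
LEGIT = """\
From: "Example Bank" <notices@mail.examplebank.example>
Subject: Your statement is ready
Content-Type: text/html

<p><a href="https://www.examplebank.example/statements">View statement</a></p>
"""

def under(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_message(raw, trusted=TRUSTED):
    """Return a list of reasons the message looks like phishing."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    findings = []
    # Which organization does the display name claim to be?
    claimed = [d for org, d in trusted.items() if org in name.lower()]
    for domain in claimed:
        if not under(sender_host, domain):
            findings.append(f"sender domain {sender_host} is not {domain}")
    # Compare where each link really goes with what its text shows.
    pattern = r'<a\s+href="([^"]+)"[^>]*>(.*?)</a>'
    for href, text in re.findall(pattern, msg.get_payload(), re.I | re.S):
        real = urlparse(href).hostname
        shown = urlparse(text.strip()).hostname
        if shown and real != shown:
            findings.append(f"link shows {shown} but goes to {real}")
        elif claimed and not any(under(real, d) for d in claimed):
            findings.append(f"link goes to {real}, outside the claimed organization")
    return findings
```

Calling `check_message(PHISH)` reports both the mismatched sender domain and the link whose visible text differs from its real destination, while `check_message(LEGIT)` returns an empty list.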
References
Federal Trade Commission. (2019). How To Recognize and Avoid Phishing Scams. https://consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
Leonhardt, M. (2019). ‘Nigerian Prince’ email scams still rake in over $700,000 a year-here’s how to protect yourself. https://www.cnbc.com/2019/04/18/nigerian-prince-scams-still-rake-in-over-700000-dollars-a-year.html
Vahid, F., Lysecky, S. (2019). Computing technology for all. https://learn.zybooks.com/zybook/TEC101:_Fundamentals_of_Information_Technology_&_Literacy_(TED2227A)
Webroot. (2022). Spam vs. Phishing. https://www.webroot.com/us/en/resources/tips-articles/spam-vs-phishing