April 01, 2014 by Eric Cates
March Madness is here and not everyone is interested in putting his or her bracketology knowledge to the test.
When March comes around every year, many people log into websites, mobile apps and email offers to place bets and start up groups of competing brackets to see who will take home the prize of this year’s March Madness results, and while this can all be in fun, it can also lead to information security breaches.
Whether it’s searching the web for live streaming video or updated scores and news, this could mean business for the bad guys looking to corrupt your system. For these scammers, March Madness means several weeks of opportunity to bring in unsuspecting employees; plant malware on their companies’ networks, applications and databases; and steal valuable data.
This can result in few different ways, such as the following:
- Compromising legitimate websites
- Poisoning search engine results
- Delivering phishing emails inviting people to click on malicious links
Many companies find this time of year offsetting because many polls are done through offices with fellow colleagues, which increase camaraderie and morale, but security awareness is key in keeping this a positive experience.
Knowing what technology you are using is essential to detect, block and filter out malware before it reaches the end user. According to a recent study titled “Security Pressures Report” done by Trustware, which details the findings of a worldwide survey asking IT professionals about the pressures they face surrounding security, targeted malware topped the list of threats exerting pressure on IT professionals. To defend against this threat, programs such as a secure web gateway can help protect against malware and data loss.
AVG Technologies recently offered listed methods used to trick March Madness enthusiasts as well as tips to stay protected:
Spamdexing – Designed to elevate fraudulent websites to the first page of search results. Cyber criminals manipulate search engines by using repeated phrases or optimizing a Web page around one topic to confuse visitors into downloading virus-infected brackets, encouraging them to register and collecting identity details in the process.
Phishing – Cyber criminals send out emails suggesting recipients register now to put in their playoff predictions, they deploy clever tactics to direct fans to places where they can steal personal details. They may even suggest using Facebook login to register, giving them access to very valuable pieces of a persons identity.
Tips to winning the security battle:
- Go to a trusted source to enter your predictions or collect bracket printable content.
- If someone is making you an online offer that seems too good to be true, the offer is likely a scam. Check the address of the website in question. If you do not recognize the brand or if it looks suspicious, leave immediately.
- If you are unsure about an email, delete it.
- Rather than clicking a link, manually type in the Web address of a site and navigate to the content you want to get.
For more information on security best practices for your organization, check out our security awareness and compliance library here.
***Photo credit (image was cropped).Read More...