Developing network literacy is a continuous process of, not only “becoming comfortable and proficient with tools to use in interactive online environments,” but also becoming knowledgeable about how to protect yourself and your online identify in an online environment.
One of the most common methods that criminals use to steal users online identity is by getting the user to reveal personal details through a method called “phishing”. Phishing is defined as a “criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials.” Criminals often use very realistic emails asking the user to reveal personal information such as passwords or financial information.
Another form of phishing is called “spear phishing”. The difference between phishing and spear phishing is that spear phishing is sent to targeted individuals whereas phishing is sent to a mass of individuals. According to Forbes, spear phishing is an example of how John Podesta’s emails were hacked. Criminals emailed Podesta from a spoofed webpage in which he was asked to change his password. After he clicked on the link, the criminals were able to access his emails with the stolen password. With the stolen password, criminals were able to use that password to connect to other social networks because the same password was used for his Twitter account.
In order to stay vigilant against phishing and spear phishing follow these recommendations:
- Never use the same password for any account
- Never go to a site by clicking on an email, instead type the url directly in the browser.
- Enable two factor authentication to prevent hackers from gaining access to a user credentials.
Please continue the conversation by adding more recommendations to the list and in the near future we will summarize the list.
This post was published on the OneOp blog on November 3, 2016.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.