Prevent attacks to steal your information

Never reveal confidential information to people unless you are sure that they are entitled to request and have access to that information.

What is fraud engineering (social engineering)?

To implement social engineering techniques, an attacker uses human interaction to gain or compromise information about an organization or its computer systems. An attacker can pretend to be a newcomer, a repairer, or a researcher and set out tasks to support. Prevent attacks to steal your information Picture 1 By asking questions, he or she can get enough pieces of information needed to identify the organization's network. If an attacker does not gather enough information from someone, he can contact other people inside and organize and rely on the information of the first person to gain the trust of this person.

What is phishing attack?

Phishing is a form of phishing technique. Phishing attacks often use dangerous email or websites to attract personal information as well as financial information of users or organizations. Attackers of this type will send a phishing email such as a reputable credit card company or any financial office that requires entering account information, which often presents a problem. When a user responds to this requested information, the attacker uses it to access the accounts.

How to avoid being a victim?

1. You have to suspect that phone calls and emails are not required, asking personal or other inside information. If an individual you don't know asks to come to the organization, you should try to check their identity immediately.
2. Personal information or information of a specific organization should not be provided, such as its architecture or network unless you have confirmation from the relevant authority.
3. Do not disclose personal or financial information in the email, and should not respond to email requests for information. These requests may be included in the link sent in the email.
4. Do not send sensitive information on the Internet before checking the security of a website.
5. Be careful with the URL of a website. Dangerous websites may have a look like a valid page but the URL uses a different domain name completely.
6. If you do not guarantee whether the request of the email is valid, you should try to check it again by contacting the company directly. You should not use the contact information provided on the connection to the website in the requesting mail; instead, you should check the statement of contact information in advance. Also information about fake attacks is often provided online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org/phishing_archive.html).
7. Install and maintain anti-virus software, firewalls or email filters to avoid these dangers (see more about Some spam reduction measures). How do you understand anti-virus software, Find? understand the firewall (Firewall))

What should you do when you think you are a victim?

1. If you believe that sensitive information about the organization may have been disclosed, you should report it to the appropriate (internal) authorities within the organization (possibly network administrators). From there they can warn any suspicious or unusual actions.
2. If you think your financial accounts may have been abused, immediately contact the financial office and close the account.
3. You should consider reporting to the police or competent authorities.