Cybersecurity
Phishing, Smishing… According to the National Institute of Standards and Technology (NIST), a Phish or Phishing is a “… technique for attempting to acquire sensitive data, such as bank account numbers, through a fraudulent solicitation in email or on a web site, in which the perpetrator masquerades as a legitimate business or reputable person.” A Smish is a text message Phish. The fake invoice scam for a product you didn’t purchase is having a Phishing resurgence and may be attached to an email from a bad actor who has created a look-alike email. Smishes offering discounts have also become common. It is never a good idea to click on a link in an email or text from an unknown source or to call the phone number listed. Also beware of robocalls – many of them are scams. The FBI has issued a warning of a FIN7 cybercrime campaign involving USB thumb drives mailed to US organizations by attackers with the goal of delivering ransomware. USB devices have been sent via the United States Postal Service and United Parcel Service. Packages are disguised to appear to be from the US Department of Health and Human Services and often contain messages about COVID-19 along with the USB, or imitate Amazon, arriving in a decorated gift box with a thank you message, fake gift card and the malicious USB. Plugging in one of these USBs to your device would enable the installation of malware. Multifactor authentication is a good security measure, but bad actors are always looking for ways to get unsuspecting users to bypass security. First of all, never share your passwords in an email. Attackers have gotten good at gaining access to user’s Outlook accounts and sending malicious email attachments that appear to have been sent by a familiar contact. Secondly, if you receive an authentication request and you weren’t logging in to an account, deny the request. Note the location of any authentication request and if it is from someplace other than where you are, deny the request. Report suspicious emails to your IT department. Cybersecurity is a critical and complex issue with potentially devastating consequences if not addressed.
NADOA Welcomes The Following New Members:
BC Operating Inc.
Samantha Durham Kristen Morcom
Comstock Resources, Inc. Sara Buck Linda Turman
ConocoPhillips
Suzanne Ortiz
Coterra Energy Inc Travis Hall
Diamondback Energy Kenton Boevers
Kaiser Francis Oil Company Johnna McMahan
Revolution Resources Taylor Nickell
Riverside Energy Michigan LLC Jill Paterson April Vannest
Unit Petroleum Company Shelley Thompson
33
G r o w t h T h r o u g h E d u c a t i o n - J a n u a r y / F e b r u a r y / M a r c h 2 0 2 2
Made with FlippingBook flipbook maker