The office is a division within the Mississippi Department of Public Safety. It is linked to a resource made by The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and FBI. Below are the important takeaways to keep your data and your workplace safe.
Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.
Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials. Malicious actors primarily leverage phishing to obtain login credentials and deploy malware.
To obtain login credentials, malicious actors commonly:
- Impersonate supervisors, trusted colleagues, or IT personnel to send targeted emails to deceive employees into providing their login credentials.
- Use smartphones or tablets, along with the short message service (SMS), to send text messages or chats on platforms such as Slack, Teams, Signal, WhatsApp, or Facebook Messenger to lure users into divulging their login credentials.
- Abuse push-notification multi-factor authentication (MFA) that lacks number matching. Malicious actors can send a stream of approve-or-deny "push requests" until the user accepts one, often by accident or out of frustration. Because number matching is not enabled, the actors can then authenticate with the compromised user's credentials.
- Send an email containing a link to a malicious website that mimics the company's legitimate login portal. The user submits their username, password, and MFA code, which the actors receive and use to authenticate as the user in the legitimate login portal.
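The push-bombing pattern described above leaves a visible trace in authentication logs: many push prompts to one user in a short window, sometimes ending in an approval. As an added example that is not part of the advisory, the detector below counts prompts per user in a sliding window; the log line format, the thresholds and the sample lines are all constructed here, not taken from any vendor.

```python
"""Flag MFA push-bombing bursts in authentication logs.
Hypothetical line format (constructed here, not a vendor's):
    <ISO-8601 UTC timestamp> user=<name> event=mfa_push result=<approved|denied|timeout>
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: alice is bombarded for two minutes and finally approves; bob is normal.
SAMPLE_LOG = """\
2024-05-01T08:00:00Z user=alice event=mfa_push result=denied
2024-05-01T08:00:20Z user=alice event=mfa_push result=timeout
2024-05-01T08:00:45Z user=alice event=mfa_push result=denied
2024-05-01T08:01:10Z user=bob event=mfa_push result=approved
2024-05-01T08:01:30Z user=alice event=mfa_push result=denied
2024-05-01T08:01:55Z user=alice event=mfa_push result=approved
2024-05-01T09:30:00Z user=alice event=mfa_push result=approved
"""

def parse_line(line):
    """Return (timestamp, user, result) for an mfa_push line, else None."""
    parts = line.split()
    if len(parts) != 4:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    if fields.get("event") != "mfa_push" or "user" not in fields:
        return None
    ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    return ts, fields["user"], fields.get("result", "unknown")

def detect_push_bombing(log_text, threshold=4, window_seconds=120):
    """Return {user: {"prompts": n, "approved_during_burst": bool}} for every user who
    received at least `threshold` prompts within `window_seconds` (log assumed time-ordered)."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # user -> prompt timestamps still inside the window
    alerts = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue  # not a push prompt, or malformed
        ts, user, result = parsed
        q = recent[user]
        q.append(ts)
        while ts - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) >= threshold:
            hit = alerts.setdefault(user, {"prompts": 0, "approved_during_burst": False})
            hit["prompts"] = max(hit["prompts"], len(q))
            if result == "approved":  # worst case: the actor is now authenticated
                hit["approved_during_burst"] = True
    return alerts
```

An approval flagged inside a burst is the case to triage first, since the credentials and the MFA factor are both in the actor's hands at that point.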
To help prevent attacks, organizations should:
- Implement user training on social engineering and phishing attacks.
- Enable Domain-based Message Authentication, Reporting, and Conformance (DMARC) for received emails. This provides robust protection against users receiving emails that impersonate a domain.
- Adopt internal mail and messaging monitoring.
- Utilize free security tools, such as OpenDNS Home, to prevent cyber threat actors from redirecting users to malicious websites to steal their credentials. For more information, see CISA's Free Cybersecurity Services and Tools webpage.
Organizations are encouraged to use the reporting features built into Microsoft Outlook and other cloud email platforms, and to report spam directly to Microsoft, Apple, and Google, as applicable. Reporting suspicious phishing activity is one of the most efficient ways to protect organizations, as it helps email service providers identify new or trending phishing attacks.
- CISA urges organizations to promptly report phishing incidents to CISA at firstname.lastname@example.org or call the 24/7 response line at (888) 282-0870.
- To report spoofing or phishing attempts (or to report that you’ve been a victim), file a complaint with the FBI’s Internet Crime Complaint Center (IC3), or contact your local FBI Field Office to report an incident.
- State, local, tribal, and territorial (SLTT) government entities can report to the Multi-State Information Sharing and Analysis Center (MS-ISAC) by emailing SOC@cisecurity.org or calling (866) 787-4722.