Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Spear phishing attacks

3,530 views

Published on

A tutorial to prevent and resolve a spear phishing attack to a journalist at risk.

Published in: Devices & Hardware
  • Be the first to comment

  • Be the first to like this

Spear phishing attacks

  1. 1. How to prevent spear phishing attacks Jorge Luis Sierra Knight International Journalism Fellow
  2. 2. What is a spear phishing attack?   Spear phishing is a type of cyberattack carefully crafted to deceive a person and steal online personal information.   Spear phishing attacks tend to be personalized with features that tempt journalists to click on a link or open a document that, in fact, are malicious programs.   Journalists can lose not only private information, but also contact lists, research plans, confidential documents, names and contact information of sensitive sources.
  3. 3. Preventative steps   Always keep your computer and mobile devices updated.   Install robust antivirus software. You can use Avira, Clam AV, Immunet, Avast, Symantec, AVG or Kaspersky. Other tools are: Spybot and Prozen software.   Do a diligence process before before clicking any link or opening any file.   Use your common sense to identify a smear phishing attack: look for misspellings, fake email addresses, any signal of something weird in the message.   Avoid plugging in your devices to charge batteries in unreliable offices.
  4. 4. Preventive steps   Avoid using WiFi networks controlled by non reliable people.   Use your own mobile hotspots or mobile modems to connect to the internet or to send data.   Always use several layers of encryption to share sensitive information.   You can use PGP for Mac OSXor Windows. Add a password to open and change your documents.   Always use email services that offer end-to-end encryption.   Lear how to avoid phishing attacks here and here.
  5. 5. What if your device is infected?   Keep a copy of the infecting message and send a copy to the Citizen Lab of the University of Toronto.   Check information logs and analyze all traffic to the attacker’s IP.   Update your antivirus program and run a full scan.   Back up your information, encrypt it and store it in a safe place.   Reformat your computer to erase any trace of malware.   Alert your network of this attack and change vulnerable practices.   Use Windows appropriately, change to a Mac computer or try Linux.
  6. 6. Jorge Luis Sierra jsierra@icfj.org @latinointx 2016

×