Journal Entry #1

Avoiding Phishing Pitfalls

Reference: https://www.youtube.com/watch?v=inWWhr5tnEA

There were several mistakes made by Ann in this video of a technical nature, such as a weak password and no anti-virus or anti-malware software used. These shortcomings in one’s security are pretty easily remedied, thankfully. What is much more difficult, however, is remaining constantly vigilant of predators waiting for any lapse in judgement. In this video, Ann had just made a purchase from a website. Almost immediately thereafter, she received an email from presumably the same company due to the timeliness of the email. It was not. Ann provided the requested login information and her account was immediately compromised.

A few things could have been done here. First, checking the email address that sent the voucher. It was likely similar to that of the website she just made a purchase from, but also probably different enough to potentially raise a red flag. It’s also safe to assume that when she made her purchase there was no mention of a discount voucher being offered. So even though the voucher arrived shortly after her purchase, this should have been alarming as there was no mention whatsoever. In fact, as I am typing this, I just received a text allegedly from AT&T (my phone service provider) about receiving something free. This is an easy situation to assess versus Ann’s situation because there is no context for this random text, but the approach to dealing with these kinds of things should be all the same.