Phishing
Brief, formal phishing education may be beneficial for Arena users. Phishing is the fraudulent attempt to obtain information such as usernames, passwords, and data, or disrupt an entire computer system or network. Attackers phish for malicious reasons, by disguising as a trustworthy entity in an email.
Some simple recommendations you can make to your Arena users:
- Teach users to not be fooled by phishing, and to not click links or open attachments in suspicious emails. One of the most effective cyber attack techniques is tricking someone to click a link or open an attachment that installs malware. These are called phishing emails because they lure you into opening an email. Phishing email can say something intriguing, useful, or appear to be a legitimate message from a real company (package delivery, payroll, IRS, social networking, etc.). They can include logos or other official-looking images.
- Instruct users to never open emails from unknown sources. Hackers want people to click on their link so that they can infect the user’s computer. Similarly, teach users that emails received from an unknown source should be evaluated based on the source and whether it makes sense. If not, it may be malicious. The sender’s address should always be verified and any links to URLs can be hovered over to validate them. For example, if the link says it’s from Arena, then hovering over the link should show a URL ending in “.arenasolutions.com”.