"Phishing is a prevalent cyber threat in Singapore. CSA advises users to be vigilant and not click on unfamiliar links or attachments. Users should also refrain from providing personal information on unknown sites. If users have inadvertently provided their personal information, they should monitor their email accounts for unusual activity," CSA and MOE said in the statement.
--
Phishing will be very difficult to defend - as it look like a "legitimate act" to any security devices.
Providing a URL link - so that user can click on it and go to another website - is a normal legitimate IT operation --- otherwise web surfing don't work. Thus security protectection and detection devices - will not flag it as security breaches.
What is malicious is that - when the URL link - go to a malicious website to "phish" or "steal" user information become illegal.
Even security device that can "look deep" into network traffic or email content or web content --- cannot ascertain whether it is a malicious phishing URL link - because hackers can keep changing the URL link and webpage sites to make it look legal - when authority detect a site as illegal and block it.
Thus human brain and human intelligence need to come in - and analyse whether those email they receive or those URL link they receive - will cause harm to them.
No comments:
Post a Comment