您知道如何識別釣魚攻擊嗎?!試試Google的網路釣魚線上測試

想必大家都喜歡測試吧,不妨試試Google的線上測試,看看自己對釣魚攻擊的辨識能力有多高

Google技術孵化器Jigsaw發佈了一份測試(https://phishingquiz.withgoogle.com/),評估用戶對釣魚攻擊的辯識能力。為區分正常郵件和釣魚郵件之測驗內容,藉以說明不法份子慣用或如何竊取您財務、個人資料和身份資訊的詐騙手法。此測驗還附帶完整的解釋,分析正確答案為何屬於或不屬於釣魚攻擊。

測驗中列有八種情形,都是依據現實生活中不法份子慣用伎倆的真實案例,各案例性質也有所不同,包含通過Google Drive分享檔、電子郵件安全預警、Dropbox通知訊息等,當中也有要求收件人立即關注的所謂重要附件,但這些實際上都是引誘使用者在設備上下載惡意程式。

釣魚攻擊一直是最為流行的網路犯罪手段,長期以來都是不法份子用以竊取使用者重要資訊的極好途徑。從Jigsaw統計數據得知:“釣魚郵件占當今電子郵件總量的百分之一”。

事實上,許多資安事件都是因用戶不經意點擊某個惡意連結或打開危險附加檔案所引發的;對於後者,最常見的傳播途徑就是電子郵件和社交網站,儘管垃圾郵件過濾機制能夠發揮一定的作用,過濾掉很多詐騙類郵件,但仍有部分詐騙郵件能夠成功滲透,這就意味著除了安裝專業的資安產品外,使用者自身具備釣魚攻擊辯識能力也是不容小覷的。 

此外,如同Jigsaw所建議,用戶應盡可能啟用雙重身份驗證機制(2FA),雙重身份驗證能夠在儘量不費時費力的同時,新增一道重要的防護屏障,該機制最好能通過專用硬體設備部署,或通過身份驗證類應用程式收發金鑰,而不是透過手機簡訊(雖然有簡訊總比沒有的要好)。

最後,如果您的答案全都正確,那麼恭喜您!提醒您還是要有危機意識,因很多詐騙類的電子郵件更為隱蔽,“即便受過專業教育訓練的人員也難以察覺”。 ESET資安產品家用及企業版均配備「網路釣魚防護」功能,有效阻止您的重要資料被竊取及遭到網路釣魚攻擊。 

原文出處:https://www.welivesecurity.com/2019/01/24/spot-phish-take-googles-test/

# ESET雙重認證安全:https://www.eset.hk/business/two-factor-authentication/

 

 

 

關於Version 2

Version 2 Digital 是立足亞洲的增值代理商及IT開發者。公司在網絡安全、雲端、數據保護、終端設備、基礎設施、系統監控、存儲、網絡管理、商業生產力和通信產品等各個領域代理發展各種 IT 產品。透過公司龐大的網絡、通路、銷售點、分銷商及合作夥伴,Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括台灣、香港、澳門、中國大陸、新加坡、馬來西亞等各亞太地區,客戶來自各行各業,包括全球 1000 大跨國企業、上市公司、公用事業、醫療、金融、教育機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

關於ESET
ESET成立於1992年,是一家面向企業與個人用戶的全球性的電腦安全軟件提供商,其獲獎產品 — NOD32防病毒軟件系統,能夠針對各種已知或未知病毒、間諜軟件 (spyware)、rootkits和其他惡意軟件為電腦系統提供實時保護。ESET NOD32佔用 系統資源最少,偵測速度最快,可以提供最有效的保護,並且比其他任何防病毒產品獲得了更多的Virus Bulletin 100獎項。ESET連續五年被評為“德勤高科技快速成長500 強”(Deloitte’s Technology Fast 500)公司,擁有廣泛的合作夥伴網絡,包括佳能、戴爾、微軟等國際知名公司,在布拉迪斯拉發(斯洛伐克)、布裏斯托爾(英國 )、布宜諾斯艾利斯(阿根廷)、布拉格(捷克)、聖地亞哥(美國)等地均設有辦事處,代理機構覆蓋全球超過100個國家。

No More Ransom, a global anti-ransomware initiative, announces ESET as new partner

ESET – a global leader in information security software – has been announced as the latest partner of No More Ransom, an international initiative between Europol, the Dutch National Police and major cybersecurity organizations in the fight against ransomware. The collaborative project helps victims of ransomware attacks recover their personal data and has so far managed to decrypt the infected computers of 72,000 victims worldwide. 

With its 130 partners, the No More Ransom online portal hosts a collection of 59 free decryption tools from multiple security software vendors, covering 91 ransomware families. Users from around the world can access the tools for free in order to recover data held hostage by ransomware attacks. Launched in 2016, No More Ransom decryption tools have so far kept around USD 22 million out of the pockets of cybercriminals.

ESET has long been helping ransomware victims recover encrypted data, its decryption tools having previously been downloaded over 250,000 times. Now two of these tools will also be available to a wider audience through the free, centralized and user-friendly platform of No More Ransom. 

Ransomware has grown to become one of the largest cyberthreats facing businesses and consumers, and the rise of GandCrab and SamSam in 2018 has shown how the threat continues to grow and adapt. One report recently revealed 40% of all successful malware-based attacks involve ransomware

The No More Ransom project recognizes that the fight against ransomware requires a joint effort, and ESET’s involvement represents its ongoing commitment to partner with law enforcement to fight cybercrime and allow everyone to enjoy safer technology.

ESET has previously collaborated with law enforcement agencies in large takedowns of malicious infrastructure, including the disruption of the Gamarue malware family. This global collaboration between the public and private sectors involved Microsoft, the FBI, Interpol and Europol. ESET also worked with various international organizations to uncover Operation Windigo, a widespread cybercriminal operation that seized control of tens of thousands of Unix servers. And most recently, the company partnered with law enforcement bodies and Google in the disruption of 3ve, a major online ad fraud operation.

ESET’s latest partnership will continue its commitment to collaborating with law enforcement and industry partners to create a safer digital world. Visit No More Ransom’s website for more information about the project, and find out more about ESET at https://www.eset.hk.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

GREYCORTEX JOINS MICROSOFT CYBERSECURITY TECH ACCORD

On January 18, GREYCORTEX joined the Microsoft Cybersecurity Tech Accord along with 10 other companies. This brings the total to 79 signatories committed to improving the security of cyberspace. Together, GREYCORTEX and the rest of the Tech Accord members pledge to protect users and customers everywhere. GREYCORTEX joins a global expansion, contributing to the increasingly diverse reach of the signatory community – further broadening the dialogue around cybersecurity with signatories from Argentina, Bulgaria, Chile, the Czech Republic, Germany, Luxembourg, The Netherlands, Slovakia, and the United States, expressing a commitment to a more secure cyberspace. This expansion continues to deepen the group’s expertise, adding to the variety of sectors and technologies that characterize the organization.
“As a company focused on the development of network security solutions, we couldn’t agree more strongly that defense, regardless of the type or goal of the threat, is essential to defend the world from cyberattacks. Moreover, we firmly believe that governments and enterprise should act defensively, and that such defense should be both simple and complete. We are happy to be part of the Cybersecurity Tech Accord,” said Petr Chaloupka, GREYCORTEX CEO.
By joining the agreement, the signatories agree to four key commitments:
a stronger defense against cyberattacks – pledging to protect all customers globally regardless of the motivation for attacks online;

  1. a stronger defense against cyberattacks – pledging to protect all customers globally regardless of the motivation for attacks online;
  2. taking no offense by choosing not to help governments launch cyberattacks against innocent citizens and enterprises and will protect against tampering or exploitation of their products and services through every stage of technology development, design and distribution;
  3. doing more to empower developers and the people and businesses that use their technology, by helping them build and improve capacity for protecting themselves; and
  4. building on existing relationships and taking collective action together to establish new formal and informal partnerships with industry, civil society and security researchers. The goal being to improve technical collaboration, coordinate vulnerability disclosures, share threats and minimize the potential for malicious code to be introduced into cyberspace.

Since forming the Cybersecurity Tech Accord, the signatories have supported initiatives on email and routing security, implemented Domain-based Message Authentication, Reporting and Conformance (DMARC) in their own operations, participated in global requests for comments on the UN’s new High Level Panel on Digital Cooperation, and endorsed the Paris Call for Trust and Security in Cyberspace as an early supporter. Additionally, the group has coordinated with like-minded organizations such as the Global Cyber Alliance, the Internet Society, and the Global Forum on Cyber Expertise (GFCE).


About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

有關終止24小時技術支援熱線服務的通知

由 2019 年 2 月 1 日起,本公司將終止24小時技術支援熱線服務。技術支援熱線 (電話號碼: +852 2893 8186) 的服務時間將更改為星期一至六上午9時30分至下午6時30分 (公眾假期除外)。顧客亦可電郵至 support@version-2.com.hk 尋求技術支援協助。

謹此通知
Version 2 Limited

 

 

With effect from 1 Feb 2019, our 24-hour Technical Support Hotline Service will be terminated. Service hours of Technical Support Hotline (Tel no.: +852 2893 8186) will be changed to 9.30 a.m. to 6.30 p.m. from Monday – Saturday (except Public Holidays). Customer can also seek for help on technical issue by email to support@version-2.com.hk

Yours sincerely,
Version 2 Limited

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.