Learn to Spot a Phony

Phone scams are a type of social engineering scam, which seek to dupe often busy recipients into disclosing sensitive information or providing seemingly harmless responses to questions. This article reviews some of the common phone scams and provides recommendations and best practices. More →

Phishing, Spear Phishing, and Whaling

Workplace and personal email have become the most common attack surfaces for opportunistic and targeted phishing scams. Phishing scams use social engineering to target end users. There are variations of phishing, which have distinguishing features that may be categorized using terms such as spear phishing or whaling. More →

Watering Hole Attacks

Information security discussions are plagued with bad analogies, and none sounds stranger than a “watering hole attack,” which plays off the tactic in which predatory animals stalk food by waiting at a popular watering hole. Rather than hunt their prey, the predator will wait for the prey to come to it. More →

Phishing Attacks

This year, the ITS Technology Security Group has seen an enormous increase in the number of phishing scams that have been sent out by e-mail to members of the NYU community. Phishing is a type of e-mail attack, in which a criminal claims to be representing a legitimate company or organization in an attempt to trick the recipient into providing their private information so that it can be used for fraud and identity theft. This type of scam has been relatively successful and is becoming a major problem. More →