It’s that time of year again: Phish Madness!

Mintz - Privacy & Cybersecurity Viewpoints
Contact

Mintz Levin - Privacy & Security Matters

Beware of March Madness!  Scammers and phishers take advantage of increased web traffic by impersonating popular March Madness websites, including bracket sites and game live streams.  Will your employees take the bait?

Last year, it was reported that traffic activity from users streaming games and checking brackets for updates increased by 100% during the first round of the NCAA tournament.  Monitoring sites also observed an increase in malicious activity related to this category and discovered a clear upward spike in malicious activity, such as phishing pages, adware downloads, improper handling of user data, and attempts at domain squatting.  All of this is likely going on again this year, and it will be on your corporate networks.

  • Have you implemented solutions to limit the impact of nefarious phishing campaigns?
  • Have you trained employees to recognize phishing emails?
  • Do you remind employees about the dangers of falling victim to click bait in emails?
  • Do you remind employees about simple password hygiene and to not reuse corporate passwords outside the network?

The best advice we can offer is only use NCAA-sanctioned bracket applications through your web browser. There are many third-party sites out there that attempt to probe the user to create login credentials. In 2017, it was observed that one such application collected a username and password and then transmits it in the clear. This plain text credential transfer makes the connection vulnerable to sniffing attacks. Since users commonly set the same login credentials for multiple websites, the attackers might gain access to users email accounts, bank accounts, tax preparation accounts etc., or even worse, your corporate network.

Good luck!

[View source.]

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Mintz - Privacy & Cybersecurity Viewpoints | Attorney Advertising

Written by:

Mintz - Privacy & Cybersecurity Viewpoints
Contact
more
less

Mintz - Privacy & Cybersecurity Viewpoints on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide