Information Security Report #1

Date: 29th August 2018

Author: your name

Threat Name: Phishing

Threat Description: Phishing could be defined as a cyber attack that uses disguised email as a weapon. Phishing is an example of a cybercrime where a target is contacted through E-mail, text message or telephone by an individual who is pretending to be a legitimate institution in a bid to make people to provide sensitive data. Such information may include banking and credit card details, their passwords or even their identifiable information. The information is then used by the attackers to access vital accounts and this may lead to identity theft and even financial loss. Phishing is a part of the social engineering technique where the users deceive the users as well as exploit their weaknesses in the current web security (Fruhlinger, 2013). There are two types of phishing attacks. The first is hand over sensitive information. This is when the attackers send messages to people in a bid to acquire sensitive information from them. Moreover, the second type of phishing attack involves download malware. In this type of phishing attacks, the victim infects his or her own computer with malware through files sent to them by the attackers. One of the most common malicious codes is ransomware.

Next Steps: There are various in which the company can mitigate threats based on phishing. The first is that the employees can be advised to check the spelling of the URLs in Email links always before they click or enter sensitive information. They could also avoid giving out personal information about the company. The company can also implement proactive measures (Fruhlinger, 2013). They include sandboxing the inbound email. This helps in checking the safety of each link that the user clicks. The second measure involves inspecting as well as analyzing web traffic. Thirdly, the company could also use open- testing in the firm.


Fruhlinger, Josh (2013). “What is phishing? How this cyber attack works and how to prevent it.” Retrieved from:

CSCI 410 insert your username here v1.6 Page of