Stranger Pings

Ahh, October! It really is the coziest month, isn’t it? At the mere thought of October you can almost smell the fresh, crisp autumn air, feel the warmth of a soft woolen sweater, taste a hot spiced drink, and hear the crunch of leaves underfoot. These comfy feelings are the perfect contrast to Halloween, when we embrace our fears and delight in spooky stories and images of ghosts, ghouls, witches, and werewolves.

I have a scary tale to tell, one of a danger that hides in plain sight and threatens to catch you unaware and seize your very existence. This predator is more alive than a zombie, and easier to fall victim to than a murderous clown.  So, let us now embody both the hygge and horror of October. Put on some fuzzy socks, grab your pumpkin spice latte, and cuddle up in a blanket while I unnerve you with the evils of a fiend called ...dunh, dunh dunh!!! ...the phisher.

The first reports of a phisher began around 1995. The phisher’s attacks, called phishing, became more frequent in 2003 and have continually increased in number and evolved in danger. Phishers will attack you where you work and live. A phisher could be a member of an organized crime ring attacking you from overseas, or an individual operating alone from a local coffee shop. The phisher’s enormous power has ruined lives and destroyed corporations. In the connected world we live in, we are all targets for phishers. No one is safe.

Fortunately, It’s not all doom and gloom. By understanding why phishers phish and recognizing their tactics we can avoid falling prey to their attacks. In simplest terms, phishers want to trick you into giving them your password, social security number, credit card number, or other important information and use it for their gain.



The top guidelines to avoid phishing scams and keep your identity safe include:

1. Have a strong password. Passwords should be long and complex, regularly change passwords, don’t reuse passwords, and never share passwords. 
2. Think before you click. Don’t open attachments or click on links in emails if you weren’t expecting to receive them. Don’t fill out forms with confidential information, like passwords, unless you are on a trusted site. 
3. Keep informed. New phishing scams and techniques are being developed all the time. 

Do you know how to recognize a trusted website or a spoofed email sender? Do you know how to select a strong password? You may be surprised to find out Greenpigeats14tacos! is a much more secure password than Tj3$*f1@ (and it’s easier to type and remember!). Its vital, not just for your own safety, but for the security of BPS that you understand these concepts and feel confident in your cyber security skills. 

Ongoing security awareness training is highly recommended to keep employees informed and ensure security is top of mind. BPS is rolling out BPS Cyber Security forums in Learnbps that will provide a venue for BPS users to interact with each other and share information on new phishing scams or security risks that they encounter. In addition, we will provide you with the tips and tricks you need to identify phishing emails and learn why Greenpigeats14tacos! is a good password (or it WAS, before I shared it online with the world).

BPS Cyber Security Forums will feature three different forums:

1. Announcements - New threats and scams circulating on the internet or affecting BPS will be posted here 
2. Cyber Security Discussion - This is a place to post your questions or notify others of potential dangers by sharing a phishing email or scam that you received 
3. Cyber Security Awareness and Training - We will post tips, tricks, and offer general knowledge training pieces to help you become a cyber security super hero! 

There are a lot of exciting things coming our way in the next couple of weeks, like Halloween and the return of Stranger Things on Netflix, but don’t forget to watch for your invitation to the BPS Cyber Security forum in Learnbps. Enjoy the rest of your October, which coincidentally is National Cyber Safety Awareness Month!

Join us on Tuesday, October 24th for the #learnbps Twitter discussion!

1. What is your biggest cyber fear?
2. What is a cyber security risk you see others take that makes you cringe?
3. Are you worried about forgetting your password? Why or why not?
4. What are the steps you take when you are uncertain of a potential risk?
5. Do you have cyber security questions, or your own advice? BPS employees - share it in the Cyber Security Discussion forum!