Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

1.3 Cyber security attacks and phishing

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1046.mp4
Skip transcript

Transcript

CORY DOCTOROW
So there was a time that I actually got phished. I was successfully attacked over the internet. And it really illuminated the fact that security depends on you never making any mistakes, and attacking depends on finding one person who can make a mistake.
So the way that happened was the night before, I'd reinstalled the operating system on my phone, and so every time I logged into a service that normally I'd have a password stored on my phone for, it was prompting me to reenter my password, because I had a new operating system. And also, I had a new browser, and the browser hid part of the URL of the website I was looking at. So that made things bad, too.
I went to the coffee shop after dropping off our daughter at school with my wife, and she sat down to read the free sheet and I stood in the queue, and I fired up Twitter and there was a direct message from a friend of mine that said, was this you? And a URL. And the day before, I had also published a bunch of newspaper editorials, so I was getting a lot of emails and direct messages, saying oh, I saw that, or how was this, or whatever. And so it seemed kind of plausible. And I clicked on it, and it prompted me for my password. And it brought me to a Twitter login screen and prompted me for a password, which was normal. Everything was prompting me for it. It looked like I was visiting Twitter dot com, because of the way the browser was displaying, and I entered it in.
And then I got three more DMs from other people saying, is this you? And I was like, oooh, they've all been infected by something that presumably I've just been infected by, too. And if nothing else, I just entered my password into this.
The consequences, thankfully, were pretty light, because it happened immediately, and I had good password hygiene that I didn't recycle passwords across services. So I immediately sat down in the cafe, cancelled all my morning meetings, and changed that password and went through and made sure everything looked OK and then ended up blowing out the operating system on that phone and reinstalling it. Luckily, the consequences were pretty slight and nothing bad happened to me apart from losing that morning and feeling like an idiot.
End transcript
 
Interactive feature not available in single page view (see it in standard view).

Britain is being targeted by up to a thousand cyber attacks every hour. For small organisations the worst breaches cost between £65,000 and £115,000 on average and for large organisations may run to many millions of pounds. These costs can occur as direct financial losses due to fraud or theft; the loss of productivity due to time spent recovering from the effects of a successful attack; or the lost of trust and reputation.

Phishing

It may be surprising that many cyber security breaches do not result from technical failures. In fact it is commonplace for attackers to exploit the goodwill and trust of people to gain access to systems, using a form of attack that is known as ‘social engineering’. Pretending to be technical support personnel or crafting emails that ask for usernames and passwords are common forms of social engineering attacks. You may have heard the term ‘phishing’ used to describe these kind of emails. Phishing is a form of social engineering. In the video, course guide Cory explains how it happened to him.

In the next section you’ll find out about three high profile cyber security breaches.

CYBER_B2

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371