Audit
Programs
AuditNet Links
AuditNet Virtual
Library
AuditNet
Newsletter
Ask
the Auditor
Audit
Jobs
Partner
Discounts
Search the Site
Our
Sponsors
Advertise
Sign
the Guestbook
AuditNet
Home Page
AuditNet®
Digital Literacy: Don’t Get Burned by Mistakes or Failure to Use Critical Thinking Skills When Evaluating Content on the Internet
During the vice presidential debate this year VP Dick Cheney made a huge digital mistake when responding to comments by John Edwards in relation to Halliburton. To refer viewers to the real facts about Halliburton, Cheney suggested they visit www.fastfacts.com for the real story. Unfortunately what he meant to say was www.fastfacts.org. Turns out that www.fastfacts.com is an anti-bush Web site.
In case you haven’t noticed there has been a deluge of scams and frauds on the Internet. Things like phishing: identity theft, email scams and fake Websites. Auditors need to be aware of the impact of these events on security both within and outside their organizations. Auditors also need to use critical thinking skills when evaluating content on the Internet and making sure that all Internet users within their organizations are doing the same.
The following is a description of two of the major threats facing individuals and organizations in the digital world.
Phishing - Phishing attacks use 'spoofed' e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, social security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
Identity theft - occurs when someone uses your personal information such as your name, Social Security number, credit card number or other identifying information, without your permission to commit fraud or other crimes.
The above fraud schemes are meant to obtain personal or business information in order to gain access to accounts, finances and more. Auditors need to make sure that clients and customers are aware of these schemes and that the organization is taking the necessary steps to protect employees from falling victim to these attacks.
Here are some tips from the Anti-Phishing Working Group
- Be suspicious of any email with urgent requests for personal financial information
- Don't use the links in an email to get to any web page, if you suspect the message might not be authentic
- Avoid filling out forms in email messages that ask for personal financial information
- Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser
- Consider installing a Web browser tool bar to help protect you from known phishing fraud websites
- Regularly log into your online accounts
- Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate
- Ensure that your browser is up to date and security patches applied
http://www.antiphishing.org/consumer_recs.html
Share these tips with your IT folks, management and your friends and family. There is nothing worse than being a victim of a digital scam.
If you have tips and techniques for ensuring digital literacy within your organization, feel free to contact us to share with the AuditNet community!
Until next month...
