IT Challenges Associates to Stay Alert During Cybersecurity Awareness Month
Whether at work or at home, most Exchange associates have increased the amount of time they spend in the digital space. With nearly 6 billion internet users worldwide, the risks of digital danger continue to rise.
During National Cybersecurity Awareness Month, the Exchange IT Directorate is helping associates learn how to protect themselves and shoppers against the “phishermen” of the digital sea.
Throughout October, the IT team will send an email with a mock phishing scam, or “phish bait,” to lure associates in. The goal of the simulation is to give associates practice thinking through their actions when they receive a suspicious email.
“The ‘phisherman’ is a hacker or a scammer. They use an email as bait to hook someone and reel them in to gain access to our data,” said Rebecca Burkheart, IT systems analyst lead. “We want associates to be safer in the digital space. The safer we are as individuals, the safer the Exchange and our customer data will be.”
Exchange associates will receive points for reporting the practice emails to SpamReporting@aafes.com and interacting on the IT Teams channel. At the end of October, associates with the most points will be announced at the Cybersecurity Awareness Month virtual coffee hosted by the IT team. The top winners will receive prizes. Associates can expect an email from Exchange IT with more details at the end of the month.
Even though the simulation is a way for associates to practice safe email habits, it only takes one slipup to get hooked onto a real hacker’s line.
When someone takes phish bait, their email credentials may be exposed. This could lead to a catastrophic data breach, the installation of malicious software, or spam emails sent to other associates and customers that would disrupt business and damage the Exchange’s reputation.
“The best and most cost-effective security is knowledgeable and concerned users,” said Cybersecurity Chief T. David Drake. “Our associates are far better prepared to react appropriately to scams compared to the average government agency or retailer, and we want to continue to improve.”
The IT team recommends associates look for clues to prevent falling victim to phishing scams. The most common type of phish bait elicits an emotional response. Did the email content provoke panic, curiosity, greed or fear?
“If it sounds too good to be true, it probably is,” Drake said.
Hackers also often threaten recipients with an urgent message to prompt a quick response. If you receive a peculiar message, take a step back and look at the email with a critical eye. Acting improperly could result in the compromise of personal and customer data.
To gain practice and learn more about staying safe in the digital space, visit the IT channel on the Exchange portal.
Great idea!
As a retired AAFES-IT(IS) Nerd I was wondering if the current IT team might consider publishing some guidelines gained through the above exercise for us retirees. I understand your goal is to protect AAFES data however you folks being up to date on Cyber Security are in a position to identify current phishing trends and preventative measures to take.
The AAFES Retired Employee Association (AREA) publishes a periodic newsletter that reaches most retirees. If you so chose this would be the means of dissemination and would be greatly appreciated.
Thank you and keep up the good work.