The Chinese University of Science and Technology issued a free mooncake phishing email, and the school responded as an anti-fraud drill. How to evaluate the school's behavior?

It is really necessary to hold some similar anti-fraud drills in schools, because college students are the focus of fraudsters. And

a lot of college students' money is living expenses, so it's really hurt to be cheated away.

I'm also concerned that some anti-fraud posters will be posted on many campuses, but this kind of publicity method has little effect and it is difficult for students to attach importance to it.

Only when students are really deceived once will they learn from mistakes. Recently, I just listened to the public prosecutor's lecture on popular science of fraud. The prosecutor said that fraudsters have tailored a set of fraud words for each fraud object and will make full use of the citizen-related information illegally obtained by the front end. ?

1. There was a kind of fraud against international students, specifically calling the international students who wanted to go abroad to tell them that there was something wrong with their visas, and they needed to give your

bank account number to them for safekeeping. At the same time, the second way (false visa management department) and the third way (false public security inspection law department) are set up in order to fool you around.

For example, for students who have a history of campus loan, they will call you and tell you that you need to cancel the account of campus loan, otherwise there will be credit problems.

Then they will trick you into transferring money. ?

My roommate also encountered a telecom fraud in his junior year. The swindler sent him a short message pretending to be the number of ICBC. After he clicked on the link (the interface was almost the same as that of ICBC), he entered his account password, and the money was transferred away shortly afterwards. (What a tragedy, all the living expenses)

So the school must take more measures to attract students' attention! Therefore, this kind of anti-fraud drill is really necessary. After experiencing a "fraudulent email", most people will

screen it more carefully next time they encounter a similar email.

I hope this kind of "anti-fraud drill" can also be actively promoted in other colleges and universities.

The proportion of successful candidates is really not low.

Second, phishing email is a means of social engineering attack in network security. No matter how powerful the encryption means, it can't stop our own people from leaking secrets. For telephone fraud, the police publicize more, and everyone has a strong awareness of prevention; Teachers and students are not very familiar with phishing emails. This time

about 1/1 of the teachers and classmates were fooled, which shows the danger.

In fact, before this, there was a real phishing email that lied that "the password of email is expired and needs to be updated". I guess it is inevitable that some teachers will learn from it. In addition, before Xigong University was attacked, it was necessary for HKUST to complete this work.

I don't think it's far from you to be fooled. If there is a cheap anti-fraud drill, it's really good. Finally, if you are fooled, the effect is outstanding.

in my last company, I explicitly told my employees that I would send us phishing emails from time to time. A few times ago, many people took the bait, but after training well, it should be better.

the punishment for taking the bait is to deduct the company's internal currency. The purpose of this currency is to improve efficiency and work enthusiasm, and it is only linked to the prize < P >.

Third, this behavior of the Chinese University of Science and Technology is extremely worth promoting! College students are definitely the key victims of telecom fraud, and many college teachers' class teachers are tirelessly reminding students

to be careful of being cheated. But many things are useless to say with your mouth, and you have to go through it once to know the taste.

just like a stick, you don't know what pain is until you hit yourself.

In this way, the Chinese University of Science and Technology makes students feel what pain is, so they can remember it naturally.

It is suggested that this behavior should be popularized in all universities in China.

if it is successfully promoted in universities, the effect will be good.

It is suggested to extend it to a group that is more vulnerable to telecom fraud in society, that is, the elderly group

. Many elderly people were cheated, and their children refused to listen to their earnest advice, forcing banks to turn imitation telecom fraud remittance into a main business.

If the country can treat the elderly in cities once by stages, let the elderly taste what it is like to be cheated. You can effectively prevent

Fan Telecom fraud! The Chinese University of Science and Technology sent 4, phishing emails, "Free mooncakes", and students were recruited. This school is really good. There are more and more fraud traps in life

, but recently, the official of China University of Science and Technology started the whole job. As the Mid-Autumn Festival approaches, the school sent a fake email to all the teachers and students.

Click on the link in the email to get the moon cakes. Unexpectedly, there are quite a few students who were recruited! ?

Fourth, the school held this activity because the National Cyber Security Publicity Week was held in Hefei recently. The school wanted to use this activity to remind students to enhance their anti-

fraud awareness and not to trust the activities on the Internet, which may lead to losses. After the students click on the link and fill in the information, a prompt file appears, telling the students that "you won the prize". In this activity < P >, the freshmen are the most recruited, so it seems that these Macey freshmen are relatively simple. At the same time, because it was sent by the school, I also < P > relaxed my vigilance. Therefore, the school made preparations in advance to avoid damage to the server.

everyone must also take precautions to avoid falling into the trap of fraud.

5. Let's get down to business. My former company has done similar drills, because there are people who can really fish. My former company has people who pay subsidies to get caught. The company where my friend

works will also, for example, take Bili Bili. It is said that they will send

mails with suffixes such as blilbili, biliblil, biilbili on a regular basis, and everyone will be fooled and then notified by email. This kind of e-mail is really necessary, which is the paragraph

of educating people to be vigilant. Basically, you should consider everything that requires personal information. Some people say that the school questionnaire is not filled in.

Generally, the school will follow

personal wishes, and it will not be forced by the school. For example, I filled in the course evaluation of the Academic Affairs Office once. Because I was too troublesome, the questionnaire of the general school will not ask you for your password. If you don't fill in it because of the "wolf coming", one is really bad, and the other is that you haven't learned how to prevent phishing scams.

Look at the source and the link address.

Last question, a bunch of people say that HKUST is really a college student who is stingy.

VI. Recently, various regions are organizing network security upgrades to cope with the increasingly complex international situation. The development of informatization has slowed down, incremental competition has turned into stock competition, and information security incidents have occurred frequently. I myself have been tortured by the offensive and defensive drills for a whole week, but fortunately, I survived it, and I survived it without foreign aid from the team.

This kind of email fraud is also a particularly commonly used means in offensive and defensive drills, but this email is really disguised at a certain level, and the email domain name and sending unit are actually well disguised.

After all, there are so many employees, it is easy to find the internal email address with weak password, and then modify the sending

display name. In fact, it's quite easy to identify the technology. You can identify it with a little basic knowledge of phishing emails. It's not the technology that deceives people, but the social worker < P > Cheng, "Moon cakes are distributed in the Mid-Autumn Festival school", which is too true. What's more, when a dormitory knows about it, it's very fast for students to spread this kind of thing < P >, and people will follow the crowd in a daze.

it can only be said that the worst deception is that our own people cheat our own people, which is hard to prevent.