A “phishing” scam resulted in erroneous access to social security numbers, medical information, employment records, and financial details stored in the Minnesota Department of Human Services computers.
Phishing is a type of email fraud that attempts to trick a person into providing sensitive information including passwords and financial data. Phishing is often an easier information stealing process that hacking into an entire computer system.
Phishing email characteristics include: the appearance of real emails or web pages; suspicious attachments; prize or trip offerings; and requests for urgent action. The compromised data is often used for additional phishing attacks.
Signs that a phishing email has arrived include: links embedded in messages that display a weird address when hovered over by a mouse; spelling mistakes and poor grammar; a vague salutation; a request for personal credentials; threatening or urgent language; unexpected attachments; or a vague signature.
Technology exists that can help to prevent phishing attacks, a funding issue that is being addressed by the Minnesota legislature.
Summarized from West Central Tribune