Ethical Analysis Background Template

You are to complete this worksheet for your specific selected technology as background work for the Ethical Analysis Deliverable.  You will need to develop three primary ethical arguments made about the current state or situation(s) surrounding your technology. The goal of this exercise is to broadly consider the views of stakeholders. You can include more than three arguments, but three is a minimum.

How can you concisely state the ethical case or belief?

phishing attacks is illegal and unethical

Phishing is a social engineering technique where an attacker poses as a trusted entity and dupes victims into clicking malicious emails, text messages or links which leads to the installation of malware and exposure of sensitive information.

Phishing attacks are unethical since they involve duping victims into revealing their personal data and passwords.

Phishing attacks are also illegal because they aim to steal sensitive and personal information to commit identity theft, leading to financial and data loss.

What claims would a person that SUPPORTS the belief make?

Attackers in this instance send messages including links to phishing websites while posing as businesses or friends
Attackers would pose as legitimate businesses or friends to convince people into clicking malicious emails and links that lead to malicious websites.

Attackers can also pose as businesses and send offers such as vouchers and discounts to their victims, where they are required to click on links to claim these offers.

Google and Facebook were duped $100 million by a phisher who impersonated Quanta company and sent fake invoices to the two companies, which they both paid in full. This is a classic example of a phishing attack.

What claims would a person that REJECTS the belief make?

To increase awareness and decrease successful assaults, businesses could educate their staff members about phishing scams

Attackers are always looking for new ways to dupe their victims. This means phishing techniques are always changing and it would require a company to regularly train their workers. Regularly training becomes expensive in the long-term.

The effectiveness of the security awareness training varies and it cannot always guarantee protection from phishing attacks. The training must cover different phishing trends and techniques which cannot all be covered effectively within the short period allocated.

Some employees may fail to take security training seriously and make efforts to understand phishing because they may find it to be the responsibility of the organization or IT department. These employees often fail to take their time to analyze and evaluate whether a link or email is authentic.

 

How can you concisely state the ethical case or belief?

It is type of social engineering assault that attempt to persuade the user sensitive data

Phishing is a social engineering technique that aims to steal user data such as credit card numbers and login credentials.

Phishing uses social engineering that uses malicious emails, links and websites to persuade users into revealing personal and sensitive information.

Phishing is an unethical act that creates a sense of fear, urgency or curiosity to encourage victims to open attachments or click on links to steal sensitive information

What claims would a person that SUPPORTS the belief make?

In the US, phishing assaults caused losses of about $100 million (Sadiq et al., 2021). in the aviation, educational, and healthcare industries

74% of US organizations across all industries experienced successful phishing attacks in 2020 (Egharevba, n.d.), leading to significant losses.

The average cost of successful phishing attacks among large organizations in the US about $15 million annually. This value has tripled in the past three years across multiple industries.

American Airlines, Megallen Health Inc. and Buffalo Public Schools also experienced phishing attacks leading to heavy losses.

What claims would a person that REJECTS the belief make?

Effective anti-phishing, anti-malware, and anti-spam software should also be used to stop malicious messages from reaching staff members

Most security software have vulnerabilities and it is thus important to train employees on identifying and avoiding cyberattacks.

Companies should train employees on how they should use anti-phishing, anti-spam and anti-malware effectively to detect and avoid cyberattacks.

 Employees can also open emails through their phones which renders organizational security software ineffective

 

How can you concisely state the ethical case or belief?

Phishing is a sort of cyberattack where in a spoof email is sent to the receiver in an attempt to press them into divulging personal information, downloading malware, or doing other desired actions.

Phishing is a software engineering attack that uses a fake email that encourages users to click on links and enter personal information. This leads to revealing personal information that can be used for malicious purposes.

Phishing is a cyberattack technique where tech-savvy criminals use fake emails and websites that appear legitimate to trick users into downloading malware or releasing sensitive information.

Phishing is an attack where users receive fake emails requiring them to enter sensitive information such as login credentials and social security numbers.

What claims would a person that SUPPORTS the belief make?

Employee login information and personal information were stolen by attackers using email phishing

Phishing attackers use emails that appear legitimate that contain links directing employees to malicious websites where they will be required to provide personal information such as login information and passwords.

Phishing scams involve using fake emails that trick employees into revealing sensitive information such as employee IDs and login credentials.

Data acquired through email phishing scams can be used to make purchases, steal sensitive information, withdraw funds and blackmail.

What claims would a person that REJECTS the belief make?

Web extensions can also alert users when they try to access harmful websites through hacked URLs

Web users can download web extensions from untrusted sources that fail to warn them when they attempt to perform dangerous events such as visiting malicious websites.

Malicious web extensions have permission to fully access user data and run on all websites, including the harmful ones.

Ineffective web extensions can mistakenly direct users to malicious websites containing malware and viruses.


References

Egharevba, T. Phishing Attack-A Challenge in Cybersecurity. https://www.researchgate.net/profile/Terry-Egharevba-2/publication/357826193_Phishing_Attack-A_Challenge_in_Cybersecurity/links/61e1333470db8b034c91ad93/Phishing-Attack-A-Challenge-in-Cybersecurity.pdf

  

Comments

Post a Comment

Popular posts from this blog

  Web Request       Goddie Robins   Introduction I shall boot up my laptop and connect to an Ethernet connection through the Ethernet switches to the school router. The school router connects to an internet service provider (ISP) which provides DNS services to the school. Therefore, the DNS servers are located on the ISP’s network. The DHCP server is running on the school’s router. When I plug in the Ethernet cable, I cannot access any webpage since I lack an IP address. Therefore, the school’s network will first run its DHCP server to generate an IP address for my device.   Web Request My laptop’s operating system will generate a DHCP request and add the request to the UDP segment that contains the DHCP server and client. The UDP message is encapsulated in an IP datagram containing the source IP address (0.0.0.0) since his device has not been allocated an IP address. Still, I cannot access the network. The IP datagram that contains the DH...
Read more
Image
  Phishing Phishing is a form of social engineering attack that aims at encouraging internet users to reveal sensitive information such as bank login credentials and credit card numbers through websites that appear legitimate. Attackers, in this case, pretend to be companies or acquaintances that send messages containing links to phishing websites. Ollmann (2004) conducted a survey that revealed 57 million internet users received phishing emails in the United States and 2 million victims were compromised. Another survey revealed that there were 1,862 data breaches in 2021, with each breach costing businesses an average of $4.65 million (Fowler, 2022). This study discusses the types of phishing attacks, their implications, challenges and ways of identifying and preventing them. Phishing attacks in the airline, education and healthcare sectors in the United States led to losses of about US$100 million (Sadiq et al., 2021). Attackers used email phishing to steal workers’ login ...
Read more
Image
  Group decision-making methods The Delphi technique is appropriate when a group consensus is required when making a group decision (Dagher, 2021). It involves gathering all the ideas generated and compiling them for the group leader to break them down into a smaller list. The choices are condensed until a decision is made. The brainstorming technique provides an open environment where group members can express ideas to raise potential ideas and solutions. Group members are encouraged to provide any idea that comes to mind; there are no good or bad ideas. In the nominal group technique (NGT), the moderator records ideas gathered during a brainstorming session. Group members share their ideas with the moderator, discussing each idea to gather information. Ideas are then assigned priority scores and are pursued according to these scores. Comparison The Delphi technique is used to collect, organize, review, and revise group members' ideas. It involves generating a group deci...
Read more