Last week I was searching for other practical tips to pass
on to our readers, as well as the different threats to data security in
general. As I was reading an article on ESET’s We Live Security on threats that companies need to be aware of, the
subject of email was brought to mind, and particularly how cyber criminals use
it to attack a business where it is often weakest: its employees.
Although many businesses these days are using Firewalls,
Anti-Virus, and other information security standards, it seems attacks are
regularly managing to break through. This is because people are often untrained
on what things to look for, and unfortunately oftentimes don’t use common
sense.
One particular way that thieves have been targeting private
data recently is through Phishing and Spear-Phishing attempts, a type of attack
that often begins with email. Two such attacks occurred in the past month, one at Seagate and another at Moneytree. Both of these attacks were essentially
scams, in which the thief impersonated someone higher up the ranks in the
company in order to have a legitimate employee of the business send them
private data. Both of these cases resulted in the thieves obtaining W2’s of
some of the companies’ employees.
It seems that many people believe that Firewalls and spam
filters will catch every threat that tries to enter their inbox, but that is
not always the case. Special care needs to be taken when opening email,
verifying who sent it and why. Did you start receiving emails from Ray-Ban
without ever subscribing for special offers from them? Emails like this may
look entirely legitimate, but it’s also very possible that the links within
lead to malicious websites that attempt to harm your computer.
Likewise, if someone emails you claiming to be your superior
and requesting sensitive information of employees or customers, verify by other
means that the person is who he says he is, and actually needs this data. A
simple phone call using a company directory can often save the business from
serious data breaches such as the two that occurred these past few weeks.
Many of those reading this may be trained on what to look
for, but we need to be sure to train others around us. Inform your friends and
co-workers about new methods of cyber-crime and the signs of scams. If you
receive an email that you know is a scam or may lead to malware, show others so
they know exactly what to look out for. The majority of cyber-crime is
successful only because of human error, and proper awareness is the biggest key
to limiting its effectiveness. So teach others what you know, and we can
improve the state of information security.
Have you seen any scams or suspicious email messages recently?
Tell us about them in the comments section below!
And as always, if you’d like more information on how Astria
Business Solutions can assist you in your Information Security goals, visit our
website at
AstriaBiz.com
No comments:
Post a Comment