Let’s be clear, as we no longer have to warn anyone what is going on today. It is here and has been for some time. Bad actors, as we call them, come in many forms and work for many countries and or ideals.
Now that most of the world is familiar with the threats we face on a day to day basis, lets go over a few areas that you are obligated to protect yourself and business from as not to be part of the problem but to be a well informed and aware individual or company. We implore you to let us help you protect your systems, Having one conversation will give you the confidence in what we do everyday with our security teams and training folks.
Phishing attacks and scams: You hear this soo much that it most likely goes in one ear and out the other. However this has been the easiest attack to launch and is the most successful. We see this at least 3 to 5 times per month from companies that have an employee fall for it.
What do they use this information for?:
- By getting you you login or tricking you into validating a 2 factor code, they now have access to your system and or 95% of the time your email. So they immediately use this to propagate other attacks to anyone in your contact list or who you have emailed in the past. Wow, so it may not always be about you or your company, but the bigger picture of getting hundreds and or thousands more folks hacked. Then they use this for identity theft, account takeover, financial fraud, extortion schemes on the elderly, spam, political bots that clog the system with pretend view points or voting situations. And you may have handed them the tools to do it, by making it easy.
Standard Data Breaches: This is one that most people can wrap their heads around as this is what we see in movies or shows.) Believe it or not, most folks think they have a firewall on their systems or are protected with their built in antivirus software etc… This certainly helps, but will not protect you like you think. Most folks in business and personally do not understand what goes on under the hood and how most hackers fly right by those basic systems. If you are able to install software on your machine, guess what, so is the hacker. And once they get that software installed on your machines, they have all the access you have. So remember that spreadsheet you have with that client information, umm and maybe even Social Security numbers or , maybe policy numbers or Credit info? You just gave your clients up to an attacker. And remember that could be your information on some other organization, so how do you feel about that?
Social Engineering Attacks: Sounds easy enough to avoid, we are smart. We are not going to fall for that Saudi Prince scam. Guess what, we see it happen a lot, to a lot of folks who are brilliant. Why? They are busy, they are juggling many tasks, they get caught up in it and think about what they did after they click that button or purchase that gift card. You have to understand that the hacker, gets paid a lot of money to do this and this is their only job most of the time. You also have to remember this is not just some guy in his basement, these are theft rings where one team may perform the calls, and then hands off to another team with different voices or tactics or processes the payments etc… Hackers do their research, they get your emails from your website, find out what is going on, see if you are into charity events or organizations, and they find out who controls the money etc…
We could go on a bit more, but our message is this, and yes it is a bold and powerful statement. If you are not protecting your systems and training your folks, knowing what is going in in the world, then you are lying down and putting the cover over your head pretending you are not part of the problem. So again, We implore you to let us help you protect your systems, Having one conversation will give you the confidence in what we do everyday with our security teams and training folks. Employee Security Awareness Training – JND Consulting Group (jndsupport.com)