“Hacker Alert: Employees Beware”
Dear Blast Readers,
Is your company open to cyber attacks? Do your employees take cyber security seriously? How can you get your employees to take cyber security more seriously? Did you know that many security breaches are caused from employee’s careless decisions and their lax attitude?
Cyber criminals gain the trust of the employees working for the targeted businesses by using social engineering tactics, but there are also other tactics that can be used.
One of the tactics that cyber criminals have been using is referred to as the “Business Email Compromise”. This is when cyber criminals target the employees that have access to the company’s finances. Some examples of cyber scams include:
- Bogus Invoicing Scams. When a compromised employee’s account is requesting a payment information change.
- CEO Fraud Scams. When the cyber criminal is pretending to be a CEO requesting an emergency payment.
- A Compromised Employee’s account scam. The compromised account can send out a false invoice to vendors.
- An Attorney’s Email Identity Scams. This email’s identity could be used to pressure immediate payments.
For the company’s safety, it is important for employees to be cautions and take cyber security seriously. Altering an employee’s behavior may seem like a challenging task. There are conditions that can be created to help reduce cyber threats, even if the threats cannot be eliminated altogether.
How can these conditions be created?
These conditions can be created by educating employees. It is important to remember, when educating employees, to make your message stick in their mind. To do this it is important to remember:
- Do not use scare tactics. Treat cyber security awareness as a marketing campaign, with the purpose of persuasion.
- Use videos and infographics.
- Do not send out long memos, they will get ignored. It is important to keep it fun & short.
As important as it is to educate your employees on cyber security, it is also important to make your employees part of the cyber security process. For your companies cyber security to be beneficial it is important that your employees are trained properly first.
How does training employees in cyber security benefit your company?
Training employees in cyber security gives them the skills and knowledge to act as a firewall, giving your company a first line of defense.
Here a few steps that can help boost your companies cyber security.
- Make Cyber security a cornerstone in your business, and make it part of every employee’s job. By doing so, this will make your employees invested in the outcome of your companies cyber security.
- Create a secure log in process by: (1) Getting rid of any stick notes with usernames and passwords written on them. (2) Creating a two-factor authentication. (3) Re-set passwords monthly.
- Stay ahead of the everchanging security threats. Update your software & security patches frequently.
- Have an “onboard process” and “offboard process”. Having an “onboard process” means all new employees should be introduced to the companies cyber security policy from the start. Having an “offboard process” ensures that you can ID ex-employees that might be disgruntled and if they pose a malicious threat to your company’s data security.
- Make sure your company has a recovery plan & backups in place. Having daily backups offsite can help your company recovery quickly from cyber attacks. Having a recovery plan in place allows you to know the proper steps to take in the event of a cyber attack
* * Remember: Cyber Security is everyone’s responsibility * *
If you have any questions about Cyber Security Training, Cyber Security, and Computer Forensics contact FDS Global. You can reach us at our office at (954)727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.