Criminals will jump through hoops these days just to pull off a scam. Unfortunately, these ploys are becoming more advanced with the technological advancements in today’s world. Employees must be aware that there is always someone waiting for an opportunity to get their hands on your company’s business critical data. With this said, employees can never be too safe when questioning the validity of email senders and links to websites. With the wrong click it is possible to give these malicious programs access to your network. This year we have already seen our share of crypto locker, ransomware, and malware.
This week’s scam that seems to be gaining momentum is the CEO email spoofs. This is an example of a classic phishing attempt. The attacker has specific tools that allows them to send a malicious email disguised as an email from the CEO or manager of their company. All this takes on their end is a little investigation into the company and they have all the information they need to pull off this scam. In reported cases the individual receives an email from the attacker, it’s disguised as coming from someone important within the company. Naturally, the victim wants to be a good employee, so they send the requester whatever information they have requested. The problem is it was not really someone from within the company and the information they send via email is now in the hands of the scammer. Please note, the attacker uses the fear tactic to get the information out of the end user.
The alert for this new threat comes straight from the FBI, they have recently seen a spike in these attempts. Employee awareness is the first and strongest defense. ICS offers a simple test for all our partners. At your request we will build a phony email and send it out to your employees. This email will bring no harm to your network. The purpose will be to see which employees fall victim to the fake scam. This lets you know which individuals need a little more training on network security. It only takes one user to infect an entire network. Down time equals financial loss, so make sure all employees are aware of these type of threats out there!