Cyber-attack! Would your firm handle it better than this?
Take a look at the BBC article below and try to relate this to your own business. If in doubt; educate as this is your ultimate security defence.
This is a real scenario we are seeing happen more often. The weakest point of any security policy; software or hardware is human intervention, with computer users defying all logic and common sense to navigate around a security warning. The most common breach can be traced to a user providing their username and password from a targeted phishing email. The levels of sophistication used by scammers involves very detailed research in the hierarchy of a business. The email hack is used to target the person with financial control and these are often spoofed as the business, owner or director. As so many of us inadvertently post our life schedules online, the scammers can utilise a period whilst you are away from the office or on holiday to target a scam.
iTG is running our own in-house developed ‘Simulated Phishing Education Campaigns’ or SPECs for short, as an inclusive service for our Pro-Active Support clients. How this works: without the knowledge of the clients management or staff or even a likely schedule; we send phishing emails seeming to come from Apple, Microsoft, a supplier or even one of their colleagues. We create realistic fake landing pages; we then record their responses to clicking on links, and adding sensitive login details. We provide results of the tests to the business owner and supply educational materials to all of the staff members to assist them in avoiding scams and spoof emails.
What is most interesting from the results so far is that the more senior staff are often the ones that fail the SPECs testing. We put this some of thdown to their statistically higher amounts of email; they are used to regular requests for financial transactions and their lack of immediate consequence for a security breach – nobody can sack the boss for not following the rules!
The benefits are a reduction in the risk of fraud; loss to the business in PR and financial terms; and less chance of a claim being made on an insurance policy. iTG provides SPEC’s as part of our inclusive Pro-Active managed support or for a cost of £25.00 per user per campaign discounts for volumes over 50 users are also available.