Cybercrime is one of the biggest threats a business can face today. Because of this, it’s important to know how these criminals operate, so that you can educate your employees and protect your business. The most common tactic used by cybercriminals today is called Social Engineering.
The days of brute-forcing passwords are largely gone. Instead, criminals use Social Engineering to get what they want. They’ll pretend to be someone trusted – IT staff, upper management, known vendors – and ask for either compromising information or behavior, such as providing passwords or access to network equipment. This tactic relies on most people’s natural desire to help others – rather than suspect them; a quality that unfortunately can lead to bad consequences.
So how can you and your staff protect your company?
The most common method of contact for these cybercriminals is email. It’s easy for them to spoof their email address and pretend to be a trusted contact. If there’s ever any doubt, employees ought to pick up the phone and call the person in question, using a publicly published phone number. A two-minute phone call can prevent complete disaster.
Employees should also be conscious of the message in the email.
• Does it use the same sort of language that contact usually would use?
• Does the signature match past emails?
• Is the email address accurate, or simply a close imitation?
• Is there any sort of urgency that might lead to an employee rushing to action before questioning the intent?
All of these can be red flags for a potential Social Engineering attempt.
Of course, it’s vital to have a trusted IT provider on your side, to provide daily support for you and your staff, and mitigation in the worst-case scenario. Employees should always have an IT resource they can forward any suspect emails to, who can make the final call on the legitimacy of any email.
At Layered Systems, we take email security very seriously, implementing enterprise-grade spam filters, phishing detection, and advanced security training to keep your staff aware and safe. Contact Us today to learn how we can help safeguard your business against the latest cyber threats.