In today’s workplace, you can never be too safe. With threats such as helpdesk support scams, CEO imposter scams, phishing, social engineering, malware built into ads and hijacked websites, its hard to know what can — and, more importantly, what can not — be trusted.
Luckily, by knowing what to look for and being able to quickly identify the telltale signs of threats like these, you will be better enabled to navigate securely through your workdays.
Steering clear of high-tech resources does not necessarily guarantee protection from security threats either. Social Engineering is an example of such non-technical threats that utilize simple human interactions – often appearing as credible authorities through phone calls or emails to employees – to convince targeted receivers to give them information or credentials which will allow them to gain access to otherwise high-security networks and devices.
Be on the lookout for messages suggesting your computer is sending “bad traffic” to the internet and/or prompts to resolve such issues through calling or emailing a third-party tech support entity to provide personal or company information that would provide the means needed for the cybercriminal to gain the access to your company’s network.
This is one of the most common examples of social engineering threats, and also the #1 email threat that you should focus on avoiding. Phishing refers to the tactics used to obtain credentials such as usernames, passwords, and credit card information from employees via email communication.
Among Phishing threats, Imposter Scams are Common. However, these imposters have come a long way since we last wrote about toner pirates, who impersonate vendors to get their hands on enough company info to pull off their scams.
These more sophisticated phishers often make spoof accounts of the company CEO, customers, or business partners — anyone the employee would hold in high esteem and respond to in a quick and agreeable manner — in order to fool employees into believing they are responding to a legitimate request. CEO Imposter Scams are especially easy to fall victim to because employees are inclined to respond to the instructions of the CEO promptly.
According to the FBI, this sort of fraud has increased by 270% over the last couple of years, resulting in over 12,000 reported incidents and over $2,000,000,000 in corporate losses.
Malvertising is a form of malicious coding that embeds malware within online advertisements, website pages, and software downloads. Even the most trustworthy of websites sometimes fall victim to the effects of malvertising, which has increased by 260% in recent years.
How to Fight Back
Stay secure and avoiding falling victim to these threats by following these top tips in the workplace:
1) Don’t reveal personal or financial information in emails (unless they are sent via an encrypted email service and you have truly verified the legitamacy of the request in advance)
2) Check the security of websites
3) Pay attention to website URLs and type known web addresses into the address bar directly, instead of clicking links, when possible
4) Verify suspicious email requests
5) Keep a clean machine
6) Keep a clean desk
You can find more detailed descriptions and tips for staying safe and secure in the workplace in our free eBook – check it out today!