20 July 2018
Visit www.avoka.com

intY warns of festive phishing scams

15 November 2017  |  4807 views  |  0 Source: intY

As the festive season approaches, organisations must ensure that staff remain increasingly vigilant of phishing attacks, delivered not only through external sources, but also supposed internal communications, such as emails from senior leadership teams, in relation to seasonal activities.

This is according to cloud distributor and current Symantec partner of the year intY.

Phishing attacks remain an ever-present plight on society with new data from Google and UC Berkeley revealing that, following a recent 12-month study, over 234,000 valid names and passwords were being obtained by hackers every week from phishing, equating to over 12million credentials.

Craig Joseph, COO at intY stresses that with Christmas only six weeks away, firms and staff must exercise caution when opening emails and electronic communications during this busy period, with threats coming from not only external sources, but from supposed internal ones too.

“The festive period represents a busy time for any industry, not least cyber criminals who take advantage of people’s goodwill by sending fake e-greeting cards and seasonal offers, all with the hope of the recipient opening it and clicking on a malicious link. For the most part, organisations and staff are increasingly aware of these tactics and know to avoid them, but often the trickier challenge comes when that email is from a recognised person, such as their own boss.

“At this time of year particularly, this might come in the form of an email supposedly from your senior leadership team advising staff about using a new holiday calendar to keep track of people’s leave during this busy period. Alternatively, an email exploiting the Christmas party, by asking staff to click on a link to pick food options for a team meal. These examples are completely opportunistic and likely to have no bearing on the organisation itself, but all it takes is one member of staff to click on a link to cause a whole host of problems for a business.”

Considering this, Joseph advises that there are several giveaways that staff should look out for to determine the validity of an email and to avoid being phished.

“Firstly, look at the email address. Cyber criminals will use a familiar email address containing the slightest of variations; possibly a missing letter or adding an additional one. If that is the case, there is a strong chance this is fraudulent.

“Next, look at the tone of the email – phishers often use language that creates a sense of urgency. Always feel free to question this and don’t be afraid of being suspicious. Alongside the tone, look at what’s being asked of you. In the case of a firms Christmas meal, does it contain any more specific information, such as the name of the venue hosting you, key dates and times? If not, feel free to question its validity.

“Finally, you must also look at the source of the email; typically, a scammer will use the most visible person in the company, such as a CEO, but applying common sense, question whether this type of email would typically come from that person. Where possible, don’t be afraid to ask the individual directly instead of responding electronically. Other tell-tale signs include seeing whether all the images from the source email are downloaded, as well as whether checking to see if the rotational banner has been removed.

“While these are all simple methods, they can go a long way to keeping a business and its staff safe and secure, through the busy festive period.”

Comments: (0)

Comment on this story (membership required)

Related blogs

Create a blog about this story (membership required)
Visit http://go.jumio.com/finextraAdVisit info.nice.comVisit https://secure.vasco.com

Top topics

Most viewed Most shared
Calmejane quits Lloyds Bank to join SocGenCalmejane quits Lloyds Bank to join SocGen
12170 views comments | 5 tweets | 7 linkedin
Metro Bank opens developer portalMetro Bank opens developer portal
10088 views comments | 5 tweets | 14 linkedin
Anything Visa can do...Mastercard takes time outAnything Visa can do...Mastercard takes ti...
9771 views comments | 6 tweets | 15 linkedin
Hong Kong plans September go-live for blockchain-based trade financeHong Kong plans September go-live for bloc...
9357 views comments | 9 tweets | 17 linkedin
Mastercard enlists Worldpay to push Vocalink's Pay by Bank appMastercard enlists Worldpay to push Vocali...
9331 views 19 comments | 14 tweets | 30 linkedin

Featured job

Competitive base, double ote, benefits
New York City, NY - USA

Find your next job