You may have antivirus and you may have a firewall— you may be foolproof. But are you phish-proof?
If you live in El Paso, you probably heard the recent news that the city was scammed for $3.2 million by cybercriminals who tricked the city’s staff into redirecting vendor payments into a fake account. Although internet controls were placed right away and law enforcement and FBI quickly began working the case, so far only $1.8 million has been recovered.
That left many people asking, how did cybercriminals break through a major city’s network security and data protection system? What do we need to change on our system so we won’t get hacked?
The scary truth is that the cybercriminals hacked a person, not a computer. They did so using a simple but hard-to-spot confidence trick, convincingly posing as a trusted vendor who was simply “updating” where his payment should go.
These cyber predators know how to look for the holes in your security net. They work to be experts at phishing for what is not theirs, posing as someone you trust, with requests that you’re likely to take at face value. They know that many users do not stay informed on how to spot the latest scams. Without training and education, your staff can serve as a point of entry or ‘hole in the net’.
That’s why many organizations now consider phish-proofing their staff to be just as critical as having antivirus and a firewall. Makios likes to call it the layered approach and its just one more way we provide an overall technology strategy that makes you smarter and better able to maintain a total net of security.
What happened to the city was totally preventable. Don’t let it happen on your watch; talk to us about a security assessment or security awareness training for you and your staff. We can provide a stress-test for your company’s passwords and phishing vulnerability as well as empower you with education, training tools, and solutions to keep you ahead of the curve. Send an email to firstname.lastname@example.org to schedule your assessment.