‘Tis the season to get hacked
With the holiday season upon us, it’s once again time to prepare for that most celebrated of traditional activities; scams. That’s right, with an increase in long weekends and extended holidays, hackers and ne’er-do-wells are out in force to fleece unsuspecting companies and their employees.
These miscreants know what they’re doing, generally spending months inside your system before they strike, learning your habits and everyday communications. Once they have an idea of how your company operates, they wait for an opportune moment; generally a long weekend due to a slowdown in communication. A cybercriminal will often pose as a company executive or manager, asking an employee to purchase gift cards as a holiday gift for other workers. These fishing schemes can be very effective because the hacker knows, due to months of preparation, exactly who to target and how to target them.
How can you prevent such a holiday disaster from befalling your company? Follow these easy steps and start down the path of improved cybersecurity.
How to prevent email scams
#1: Educate your staff. CCSI has an 11 part security series that will email your staff once a week with a security tip. Email firstname.lastname@example.org and we can get your staff on the mailing list.
#2: Include security conversations in your staff meetings. Invite CCSI into your staff meetings for 15-minute refreshers around security.
#3: Follow CCSI best practices on how to lock down your network properly. Have MFA turned on and remote mail access restricted to only people who need it.
#4: Have a Written Best Practices on how large money transfers are made. If it is over $10,000.00 call the person requesting or have a written form that needs sign off by two or more parties. Never accept a money transfer request from another co-worker unless you have personally talked with them. Make sure your bookkeeper is on the same page and that they have read the best practice on large money transfers.
It’s important to make sure that all upper management is aware of these issues and is properly trained to deal with security incursions when they occur. It’s no coincidence that these scofflaws target companies during the holidays, they know it’s when we’re most vulnerable. But with a little preparation and training, you can rest easier knowing that your business is protected from these all too common cyber attacks.