teiss Cyber Brief - Example 1

“Let’s Go Phishing”

Latest scams: Phishing is here to stay!

Research by Webroot has shown that almost a quarter (22%) of employees have had a phishing email related to COVID-19 delivered to their inbox. When combined with a reported 34% increase in emails in 2020 compared with 2019, this shows how much harder it is becoming to filter out the valid work emails from the potentially harmful and destructive phishing emails.

According to a survey of 7,000 workers worldwide, there does however seem to be some confusion amongst workers as to actually how well they are doing:

“81% of people say they take steps to determine if an email message is malicious. Yet 76% open emails and click links from unknown senders.”

Do you know what you need to do to avoid clicking on a phishing link and potentially causing huge financial losses or irreparable harm to your company? Here are the top three things to bear in mind before opening an email:

1. Do you know who it is from; is it an unexpected email?
2. If it sounds too good to be true, it probably is.
3.A sense of urgency pushes you to make a rushed decision business processes are rarely as time sensitive as phishing emails makes out.

Salutary tales: Even the professionals get it wrong sometimes.

There are of course many other things to look for, and you can find out more at the National Cyber Security Centre’s website here.

Do you remember when Bill Gates offered free Bitcoins to anyone that replied to his Tweet? Or Joe Biden? It was all part of a “spear-phishing” attack carried out on Twitter to gain access to certain people’s accounts.

The attack was reportedly carried out by making phone calls to  Twitter engineers asking for account passwords to be reset. This resulted  in scam tweets being sent from legitimate accounts. In some cases it took up to 10 days for the real owners to get access to their accounts again.

Spear phishing involves scammers targeting communication at individuals, rather than just sending out a mass of generic communications that they hope someone will fall for. Because the emails are targeted, and because the scammers include credible information that is relevant to the individual target, they are harder to spot.

What To Look For

Here are out top three thigs to look out for if you want to avoid the scammers successfully hitting you with a spear-phishing attack:

1. They will ask you to break the standard procedure “because it is important”.

2. You will often be told that the action your are taken must remain secret for now because of “client conflict” or confidentiality reasons.

3. There will be a sense of urgency pushing you to comply immediately.

Secrets

Top tips and Insider secrets

Here is one for shopping online or handing out your credit card details.

Using a virtual credit card used to be the preserve of those fancy challenger banks with brightly coloured cards and silly names. Now however, Privacy.com has made that service available to everyone.

A virtual card has all the details needed to make a payment online; however, there is no physical card. Think of it as an extra layer of protection between the online shop and your actual card details. You can create multiple virtual cards, set limits, and assign them to different merchants etc. Then if something does happen you can cancel the card with just a few clicks of the mouse. And you only have to cancel one card, for instance the one associated with a particular merchant, rather than all your virtual cards.. Replacing cards is also done in minutes, all online.

These virtual cards are perfect for any kind of online transaction, including utilities, subscriptions and grocery shopping, and they ensure you are protecting yourself as best as possible should your details be stolen or lost by an online merchant.