If this year taught us anything about technology, it’s that you should really focus more on protecting and securing your data. No matter how far digital technology has evolved; no matter how advanced today’s tools seem to be—they will remain vulnerable to a lot of different factors. So we thought this IT and tech checklist to achieve just that can help.
Whether you’re a legal administrator, office administrator or managing partner in your law firm, you need to lead the charge to create awareness around data privacy for lawyers in your firm. Examining the reasons behind cyber insurance claims, the numbers reveal that the biggest threat accounting firms face is internal — the lack of training among its employees and contractors.
What we all do behind closed doors, is our business, right? This “Aaron Smith” Sextortion Scam suggests otherwise.
Imagine this (or maybe you don’t have to imagine because if you’re a business owner in the triangle area):
You open your inbox, and some guy named Aaron Smith in broken English says something to the effect of,
“Hey, I hacked into your computer while you were on adult website X, I turned on your webcam and recorded you and your screen, and if you don’t pay me $5000, I’m going to post this video on your Facebook feed and show your aunt Martha, your boss’s wife and everyone else in your world.
I have your information, I know your password is Rover050467.”
Yep. This latest scam/internet con/email phishing attack is called “Sextortion” because it’s whole tactic is based around threatening to share what you do in private to all of your peers. This one’s a doozie to say the least.
If you’re not signed up yet – attending our next webinar Tuesday November 13 from 1:00 – 2:00 PM on Cybersecurity: How To Protect Yourself And Your Business From Data Breaches is an absolute must.
Let’s dive into this debacle of a threat so you can learn how to protect yourself from this fantastically embarrassing (and clever!) email phishing attack.
Got A Cool $1.6 Million To Burn? CEO Fraud And The Repercussions To A Business Like Yours
Here’s how you can lose $1.6 million from one email…the timeline goes something like this:
- A short and simple email from your boss, asking you to immediately send a large sum of the company’s fund to a new bank account, supposedly given to him personally by the supplier.
- You notice a few spelling errors, here and there. But it’s your boss, so you decide to let it go. You’re a little bit suspicious though of a supplier going directly to your boss instead of through you at accounting.
- You decide to ignore it for now. You want to confirm with the supplier first. But then you start to worry that your boss might find out that you didn’t believe his email, so you decide against it.
- You remember watching a funny TED video about this guy replying to spam, so you decide to check with your IT department first to make sure you’re not giving away money to some Nigerian prince.
- But before you could, you receive another email from your boss, asking what’s taking you so long to transfer the funds. You think about how he rarely contacts you. But he’s contacting you now for this particular transaction, so it must be important.
- You notice another spelling error. Glaring this time. But the boss – the one who hasn’t sent you an email for the two years you’ve been in the company – has emailed you twice now. Twice.
- So with the overwhelming need to impress your boss, you go against all common sense, and you make the transfer.
…And that’s how you lose millions of dollars from a poorly spelled CEO Fraud email.
Less than a week after Hurricane Harvey tore through Texas and Louisiana, causing at least 60 deaths and billions of dollars in damages, Hurricane Irma appears ready to make U.S. history.
But, just a few short weeks later, security researchers found mis-configured servers and bad defaults, coupled with simple IT errors that exposed hundreds of millions of users’ personal information.
Where did they find this information? Amazon. Yes, Amazon – the web service known for securely loading, storing, and moving large amounts of data.
Always be on the lookout for CEO phishing emails. Because no one is safe – even us.
In this post, we’re going to share our experience as a target of a CEO Phishing scam. We’ll share the actual email we received from hackers who’s trying to pull the wool over our eyes.
It’s our hope that by sharing our own experience, we can help other business become aware of these scams, train their staff, and keep their data secure. Don’t be the one that gets reeled in – educate your staff and implement procedures to protect your business.