AUSTIN, Texas – Since 2020, Google has identified and delisted 2 million websites for launching phishing attacks—an army of nefarious websites that Cisco says have hit 86 percent of all global companies. In today’s climate, Integris warns companies to prepare for these three types of new attacks:
Hackers can research your company well enough to play the role of a new potential customer or an existing vendor in your system. They’ll ask you to download their RFP or enter their new banking information into your system so that they can pay your latest invoice. With a few clicks, your employees could download a worm into your system or open your bank account to thieves.
Require researching the person or company before fulfilling the request.
Most people know better than to put their contact information and emails on social media accounts set to “public.” That information is all a hacker needs to set up an account in your employee’s name on damaging websites, like child porn sites. Hackers can use that “proof” to extort employees into giving up their corporate passwords.
Teach employees to only use in-app messaging on social media sites and never give out their personal or professional emails.
Hackers can sample your CEO’s voice using AI technology, then use that sample to call up your accounts receivable department. “Add this new vendor to the system, and transfer this money,” they may say, sounding precisely like your CEO. When employees realize it wasn’t your CEO making that call, the money will be gone without a trace.
Ask for code words, account numbers, or other forms of two-factor verification. No exceptions.
Source: Integris IT