IBM: 5 dicas de segurança cibernética para a temporada de compras
Saiba como se proteger de fraudes durante a Black Friday
Trust Control e Axur realizam webinar para orientar empresários sobre segurança nos negócios durante a Black Friday
Software.com.br sela acordo com Hootsuite no Brasil e LATAM
Bibi investe em avanços tecnológicos para ter mais competitividade baseada em conceitos da indústria 4.0

How can companies increase phishing precautions?

How can companies increase phishing precautions?
danpnobre Cybersecurity

Image: Pixaby

The Strategic Security Survey report by Dark Reading shows that 58% of organizations in 2021 accused phishing of being the primary cause of problems. 53% cited phishing as a direct cause of security incidents, and for 48%, this would be the most likely cause of an incident. Because of this, corporations must increase phishing precautions.

According to Tempest Security Intelligence, a Brazilian cybersecurity company, phishing that has CEO and other high-level executives is the main kind is spear phishing – which occurs from a previous study and data collection on certain users to make a personalized approach, which can culminate in the theft of the credential of one of these executives.

In possession of a CEO’s credential, the criminal can, for example, request funds, financial transfers or sensitive information without raising suspicion in an attack known as CEO Fraud. These attacks can reach a high complexity depending on the target and interest.

Tempest Security Intelligence and phishing precautions

A recent report released by Tempest Security Intelligence rescues the case of an executive of a UK company who reports a telephone conversation with the CEO of the company’s headquarters (based in Germany), who requested the urgent transfer of more than €200 thousand to a Hungarian supplier. According to the deposition, the voice on the phone sounded like the company’s CEO; however, the victim talked to a fraudster using a deep fake system.

According to IC3 (Internet Crime Complaint Center) records, the FBI body centralizing Internet scam complaints and account theft (executive and non-executive) generated more than US$ 1.7 billion in financial losses in 2019. and more than US$ 1.8 billion in 2020. With this issue in mind, security experts have a consensus that companies need Security Awareness solutions, including training and security awareness in the company’s routine, to position employees as the front line of business security.

Even so, there is a long way to go. A survey conducted late last year by the National Cybersecurity Alliance found that 64% of respondents had no access to any cybersecurity advice or training.

Hacker
Inserting malicious code into programs and pages is a way for hackers to act. Photo: Pixaby

Steps to increase security

According to Gartner, there are three success factors for a Security Awareness service:

1 – The first is to have leadership aligned with a vision of awareness of the importance of digital security.

2 – The second is results-oriented metrics and behavioural indicators through reports indicating employee training engagement.

3 – Finally, there is the effective communication of the business values, a moment of application of the insights obtained in the previous steps.

Deixe comentário

Seu endereço de e-mail não será publicado. Os campos necessários são marcados com *.