Enter your details below to stay up-to-date with the latest IT solutions and security measures.
Once again an organisation has been struck by a phishing email with a fake invoice. Phishing is the practice of trying to gather personal information using deceptive emails and sites. In this instance, it is possible that access to an individual’s mailbox has allowed a hacker to read emails to acquaint themselves with the flow of activity of that mailbox. Armed with this knowledge, a hacker can then attempt to accessing other mailboxes within the organisation to prompt monetary transactions or to inflict chaos into the network.
THERE ARE SEVERAL WAYS TO PROTECT YOUR ORGANISATION
* Protect access to all mailboxes (Office 365) with multi-factor authentication (MFA), making it very difficult for hackers to access mailboxes.
* Use an email protection service, such as those offered by Trend Micro, that validates the purported sender is who they claim to be.
* Ensure your laptop has up-to-date anti-malware, making it more difficult for hackers to access the device and ultimately prevent access to your mailboxes.
* Use a Security Information and Event Management (SIEM) solution to monitor mailboxes for unexpected forwarding rules such as volume forwarding of emails. A SIEM identifies unusual system behaviours, automatically notifying the Security Operations Centre (SOC) whose responsibility it is to investigate further. SIEM and SOC can be complicated solutions to get your head around, but for a high level explanation, check out the NSP video How data security is similar to securing your building
* Create internal processes for payee account authentication to ensure initial account setup and subsequent changes are validated. For example, banking sort codes accessible via an internet search can indicate the location of the account. Accounts in unusual places such as Hungary, the Bahamas or other unexpected regions should raise red flags.
* If something looks suspicious, investigate. Phone the payee, query the details and ask questions. It is far better to spend a small amount of time to validate since not doing so heightens the risk of falling prey to sizable monetary scams.