Chances Are, Your Staff Doesn’t Know What Hackers Look Like.
Back in 2015, the United States Federal Bureau of Investigation (FBI) released a warning that CEO fraud was on the rise, reporting that $1.2 billion was lost in the previous year due to attacks. Today, CEO fraud continues to climb in every single industry because users still lack an understanding of what hackers look like. And that’s because they think it’s their boss.
What Is CEO Fraud?
CEO fraud is a type of attack that hackers use to scam businesses. They impersonate CEOs or other high-level workers and use that impersonated rank to influence employees into carrying out very specific instructions. They often create email addresses that are extremely similar to that of the person they are impersonating, and many users fail to recognize this. Why? Because too many companies fail to teach employees what hackers look like, and they fail to train them against attacks.
CEO fraud is also commonly known as Email Account Compromise (EAC). According to the FBI:
E-mail Account Compromise (EAC) is a sophisticated scam that targets the general public and professionals. The spoofed e-mail address is designed to mimic the legitimate e-mail in a way that is not readily apparent to the targeted individual. The criminal actor then uses either the victim’s legitimate e-mail or the spoofed e-mail address to initiate unauthorized wire transfers.
So What Do Hackers Look Like?
Barclays UK, a financial banking conglomerate, released a poignant video showing the world what hackers really look like. It is a perfect representation of CEO fraud and should be shared with all employees.
How to Stop Attacks.
CEO fraud attacks are hard to stop because they easily slip through spam filters and other security tools. Your last line of defense is your employees. To stop these types of attacks, you need to work from the ground up.
Here’s a quick how-to to get you started:
Step One: Start by training all employees. Teach them about the different types of attacks and how to identify them. If you yourself don’t know, reach out to a technology consulting firm that can train the entire staff.
Step Two: Test your employees. Teaching your employees isn’t enough; you must test them to see if they understand what hackers really look like. Do they keep clicking on unauthorized email attachments? Are they responding to spoofed emails? Again, a technology consulting firm can assist in setting up and deploying these tests.
Step Three: Set up strict guidelines. Establish a hard set of rules that employees must follow, such as always calling to confirm transaction requests on the phone. By setting up this protocol, users will learn quite quickly what hackers really look like.