Sharp rise in cyber impersonation attacks; businesses left vulnerable.
Amidst the global furore over high-profile cyber espionage, businesses and individuals have to contend daily with increasing cyber criminality.
In line with the uptick in ransomware, impersonation attacks have become a common way for cyber criminals to extract money from unsuspecting Internet users. Impersonation attacks are phishing attacks in which a cybercriminal uses the name of a CEO, executive, employee or business partner in order to get sensitive information from victims. A recent Mimecast report has highlighted a whopping 400% increase in impersonation attacks worldwide.
Notably, these impersonation emails often don't contain malware; they rely instead on conning recipients into sending money or data, which ultimately exposes the end user.
Leveraging personal data in the public realm
Unsurprisingly, hackers trawl social media sites such as Facebook, Twitter and LinkedIn for key personal details that enable them to compose highly believable emails and messages.
By learning about a CEO’s leadership and communication styles, for example, or mimicking a company’s sales team, hackers are able to compose emails that easily dupe unsuspecting employees, clients or business associates. Indeed, familiarity leads to critical mistakes in today’s digital realm.
Such attacks have been on the rise for some time…
A recent public service announcement issued by the Federal Bureau of Investigation (FBI) stated that between October 2013 and December 2016, business email compromise scams resulted in a total loss of more than US$5.3 billion.
To date, statistics reveal that there are 4.3 billion email addresses in the world – and people have two email addresses, on average. Worryingly, 90% of attacks start with an email. It’s simply the easiest way in.
For businesses and individuals, the lesson here is to always be on high alert for emails and messages that are even slightly out of the norm. In addition, it is critical that security systems are consistently monitored and updated in order to guard against impersonation attacks and the various other methods being employed by hackers and criminals.
Prevention is key!
About Dial a Nerd Business
The business division of Dial a Nerd was started in 2002 and specialises in supporting companies with between 10 and 300 users. With its distinct SME focus and a specialist team of technical engineers, managers and a world-class helpdesk, it is able to provide a full breadth of IT services for any SME. Dial a Nerd was recently awarded the prestigious Microsoft Small to Midmarket Business Partner of the Year for 2016/17.