Top Modern Confidence Crimes to Watch Out For

Sep. 14, 2016

Updated: Nov. 20, 2018

Stop sabotaging your own security

Your computer monitorswere last replaced in 2009. You purchased a firewall and plugged it in, but never figured out how to configure it properly. Calling the IT service desk has become a routine fire drill for your company. Sound familiar? Nowadays, maintaining your office tech is crucial. Having outdated or buggy technology not only puts you at risk of ransomware, but makes getting work done much more difficult than it needs to be, slowing down processes and potentially losing your business a lot of money. Unfortunately, fixing the situation is not as simple as changing your passwords and installing a new firewall. In order to effectively protect and manage your business’s technology, you need to understand your IT infrastructure inside and out, and make sure it’s optimized to meet your business’s needs, and manage the associated risks.
This is the job of a Chief Information Officer, or CIO.

Small to medium-sized businesses often have limited budgets when it comes to IT, and hiring a full-time or fractional CIO or CTO may be out of their range. Without qualified guidance and strategy, even the most innovative IT solutions in the world can only go so far. This is where vCIO comes in. A vCIO, or Virtual Chief Information Officer, can accomplish everything you would need from an in-office CIO for a fraction of the cost. Or, at least, Domain’s vCIO services can. Before you start searching the Net for services that other CIO applicants and vCIO providers can do, let’s break down what it is these positions should do for you:

Here’s a list of some of the latest scams and con-man trickery going around the cyber-sphere and business web:

Spearphishing

We all know about email phishing scams, that try to get you to click on or reply to things like fake invoices or security updates, but many are still unfamiliar with spearphishing, which targets a specific person with far more personalized communiques that resemble, most often, a real company e-mail, or even a fake voice mail (a variant known as vishing) that appears to be from a boss or other department head or manager, and which tricks you into sending company documents or other sensitive data to the con-man’s email address or fax, or whatever other destination for the purposes of fraud.

Fake Invoices

These are typically sent to accounting departments and resemble invoices from companies the recipients normally do business with, with the unfortunate result that accounting generally just pays it. You may want to change up how you receive or authenticate invoices, such as move to a secure cloud connection where your accounts payable associates have shared access by way of 2FA or MFA (two-factor authentication or multi-factor authentication) if you have experienced the fake invoices scam, or just want to reduce your chances of it.

Malware-infected USB drives

This is a new-fangled scam that entails the infection of a USB drive with some kind of malware variant such as spyware or ransomware, then leaving it on the ground for unwitting passers-by to pick up and plug into their computers, hoping to enjoy someone’s important data. Instead, what you will likely get if you fall for this confidence trick is, at best a malware program you will have to call an IT specialist to remove, or, at worst, a ransomware exploit that completely shuts down your computer and encrypts your files in lieu of payment. Another, more malicious variant of this is a USB “Kill Stick” that, when plugged in, will reportedly melt down and destroy everything stored in your computer’s hard drive, and very quickly, too. According to Hot Hardware, it can melt-down “just about any consumer or commercial device with a USB port in a matter of seconds.”

False impersonation

This one is as old as the hills, but is still a perennial favorite of con-men everywhere. Some are getting so bold as to walk right into offices and pretend they are the representative of a company or a vendor the target company does business with. Always authenticate, verify, and make sure you identify unexpected visitors as who they really claim to be!

Tips for avoiding confidence scams:

  • Never click on links embedded in emails.
  • Make sure all financial accounts utilize two-factor authentication.
  • Be wary of unannounced or unexpected “slick talkers” who claim to be an associate who needs access to someone or something you have not been made aware of. Authenticate!
  • Implement employee training on confidence scams like the above-mentioned ones, in order to eliminate behaviors that aid con-men in their schemes.

Our SECaaS program is only the first of our five cyber security services. Even more security, custom fitted to your company’s needs? How could you NOT want to learn more about our cyber security services? Don’t worry — we’ll tell you everything you want to know!

Our premier SECaaS solutions are built on an incredibly sophisticated software called SonicWall (this is where that SaaS comes into play). Not only is SonicWall the only firewall provider that offers SECaaS , but Domain Computer Services is the only certified distributor of the program in the region, making it the highest ranked distributor of SonicWall in Northeastern U.S. If our five-point SECaaS solution didn’t impress you, we know that will.

Was this article helpful?

For more information about how Domain Computer Services can benefit you.

Cyber Attack Prevention

The complexity and sophistication of ransomware attacks continue to rise.We've seen a dramatic increase in people reaching out to us in the last few weeks because of attacks that their current IT Service Provider couldn’t handle. But even more dangerously, we’re...

Do You Really Need A Penetration Test?

Do you really need a Penetration Test? The short answer is no. Well first off, what is a penetration test anyway? You might’ve heard that this is the best way to detect any vulnerabilities that you may have, but actually, that’s not the case. Let’s dive into some of the downsides of doing a pen test.