Top Modern Confidence Crimes to Watch Out For
Stop sabotaging your own security
Small to medium-sized businesses often have limited budgets when it comes to IT, and hiring a full-time or fractional CIO or CTO may be out of their range. Without qualified guidance and strategy, even the most innovative IT solutions in the world can only go so far. This is where vCIO comes in. A vCIO, or Virtual Chief Information Officer, can accomplish everything you would need from an in-office CIO for a fraction of the cost. Or, at least, Domain’s vCIO services can. Before you start searching the Net for services that other CIO applicants and vCIO providers can do, let’s break down what it is these positions should do for you:
Here’s a list of some of the latest scams and con-man trickery going around the cyber-sphere and business web:
We all know about email phishing scams, that try to get you to click on or reply to things like fake invoices or security updates, but many are still unfamiliar with spearphishing, which targets a specific person with far more personalized communiques that resemble, most often, a real company e-mail, or even a fake voice mail (a variant known as vishing) that appears to be from a boss or other department head or manager, and which tricks you into sending company documents or other sensitive data to the con-man’s email address or fax, or whatever other destination for the purposes of fraud.
These are typically sent to accounting departments and resemble invoices from companies the recipients normally do business with, with the unfortunate result that accounting generally just pays it. You may want to change up how you receive or authenticate invoices, such as move to a secure cloud connection where your accounts payable associates have shared access by way of 2FA or MFA (two-factor authentication or multi-factor authentication) if you have experienced the fake invoices scam, or just want to reduce your chances of it.
Malware-infected USB drives
This is a new-fangled scam that entails the infection of a USB drive with some kind of malware variant such as spyware or ransomware, then leaving it on the ground for unwitting passers-by to pick up and plug into their computers, hoping to enjoy someone’s important data. Instead, what you will likely get if you fall for this confidence trick is, at best a malware program you will have to call an IT specialist to remove, or, at worst, a ransomware exploit that completely shuts down your computer and encrypts your files in lieu of payment. Another, more malicious variant of this is a USB “Kill Stick” that, when plugged in, will reportedly melt down and destroy everything stored in your computer’s hard drive, and very quickly, too. According to Hot Hardware, it can melt-down “just about any consumer or commercial device with a USB port in a matter of seconds.”
This one is as old as the hills, but is still a perennial favorite of con-men everywhere. Some are getting so bold as to walk right into offices and pretend they are the representative of a company or a vendor the target company does business with. Always authenticate, verify, and make sure you identify unexpected visitors as who they really claim to be!
Tips for avoiding confidence scams:
- Never click on links embedded in emails.
- Make sure all financial accounts utilize two-factor authentication.
- Be wary of unannounced or unexpected “slick talkers” who claim to be an associate who needs access to someone or something you have not been made aware of. Authenticate!
- Implement employee training on confidence scams like the above-mentioned ones, in order to eliminate behaviors that aid con-men in their schemes.
Our SECaaS program is only the first of our five cyber security services. Even more security, custom fitted to your company’s needs? How could you NOT want to learn more about our cyber security services? Don’t worry — we’ll tell you everything you want to know!
Was this article helpful?
For more information about how Domain Computer Services can benefit you.
The complexity and sophistication of ransomware attacks continue to rise.We've seen a dramatic increase in people reaching out to us in the last few weeks because of attacks that their current IT Service Provider couldn’t handle. But even more dangerously, we’re...
We are excited to announce Domain Computer Services ranked in the top 5 on the 2019 NJBIZ list of Top Cybersecurity Firms in New Jersey.
Do you really need a Penetration Test? The short answer is no. Well first off, what is a penetration test anyway? You might’ve heard that this is the best way to detect any vulnerabilities that you may have, but actually, that’s not the case. Let’s dive into some of the downsides of doing a pen test.