Posts Tagged ‘phishing’
2023 marks the 20th annual Cybersecurity Awareness Month and this year CISA is launching a new awareness program that encourages four simple steps every American can take to stay safe online. These simple actions are good advices not only during Cybersecurity Awareness Month, but also the rest of the year.
continue reading
Psst!…..Forward this article to your accountants, legal counsel, or anyone else on your team working with W-2 data.
Late last week, we (along with many other security firms) identified a simple and recognizable phishing scam popping again on accountants and other folks working with W-2 forms.
The Problem With Phishing Emails This Year?
The scam is more complex and may confuse unsuspecting recipients. The most recent W-2 scam is more complicated than previous scams. After a first request for W-2 information (which contain sensitive information, including Social Security Numbers!), the scammer sends another spoofed email from a separate account following up on the first email—often confusing staff into divulging the requested documents.
While the IRS warns that this scam is targeted at individual consumers, security experts warn that scammer’s real target (and payload) are from businesses like yours!
continue reading
Many cybercriminals look at small businesses like blank checks. More often than not, small businesses just don’t put money into their cyber security, and hackers and cybercriminals love those odds. They can target small businesses at random, and they are all but guaranteed to find a business that has no IT security – or the business does have some security but it isn’t set up correctly.
At the same time, cybercriminals send e-mails to businesses (and all the employees) with links to phishing websites (websites designed to look like familiar and legitimate websites) or links to malware. They hope employees will click on the links and give the criminals the information they want. All it takes is ONE employee to make the click.
continue reading
Cyberthreats are everywhere these days. Hackers, scammers and cybercriminals are working overtime to break into your network – and the network of just about every business out there. They have a huge arsenal of tools at their disposal, from automated bots to malicious advertising networks, to make it possible.
But there is one “tool” that you may be putting directly into their hands: your employees. Specifically, your employees’ lack of IT security training.
While most of us expect hackers to attack from the outside using malware or brute-force attacks (hacking, in a more traditional sense), the truth is that most hackers love it when they can get others to do their work for them.
In other words, if they can fool your employees into clicking on a link in an e-mail or downloading unapproved software onto a company device, all the hackers have to do is sit back while your employees wreak havoc. The worst part is that your employees may not even realize that their actions are compromising your network. And that’s a problem.
continue reading