Cybersecurity: The Latest Hacks

Addison Group

Cybersecurity seems to be the permanent buzzword of our current business climate. Today’s workplace is more threatened by hacking attacks than ever before. Nearly one in five CFOs claim hackers have struck their companies. As hackers launch cyber-attacks, everyone from your customers to your CEO should be concerned about their privacy.

What Are Hackers Looking For?

Most hackers are looking for credit cards, social security numbers and trade secrets they can sell on the black market. Most recently, the FBI has released a warning to H.R. professionals of a W-2 Form Phishing Scam that victimized hundreds of businesses during the last two tax seasons.

How the W-2 Form Phishing Scam Works

Cyber-criminals pose as a high-level executive in your company and send emails to payroll personnel, requesting copies of employee W-2 Forms or ask for a list of all employees and their Social Security numbers. Hackers use a technique known as, business email spoofing, these emails look like they were sent from within your company making detection difficult. Criminals then use the stolen personal information and data on the W-2s, such as Social Security Numbers, to file fraudulent tax returns or they simply sell the information on the Dark Web.

According to CFO magazine, almost half of all data breaches result from lackadaisical employees. The solution isn’t just to create stronger security for your network. It’s to create an office culture that understands, values and routinely performs computer network security protocols. We have compiled some tips recommended by top cybersecurity professionals.

Cybersecurity Tip #1: Do Not Post Personnel Email Addresses Publicly.

Internet posts containing personnel email addresses provide hackers an email that can be spoofed for sending phishing emails to employees.

Cybersecurity Tip #2: Avoid Unsecured WiFi.

Using Unsecured Wifi leaves your network exposed to hackers.

Cybersecurity Tip #3: Remote Wipe Missing Mobile Devices.

Employees should notify IT before notifying their carrier if their device is lost or stolen. So, IT can remotely wipe any corporate data from the missing device. Do not let the carrier turn off the device before this step as you will loses the ability to wipe any data from it.

Cybersecurity Tip #4: Limit removable media and cloud storage.

Removable and cloud storage limit your control over the portability of your data. If you need portable data, limit your employees to company approved solutions that you can monitor and control.

Cybersecurity Tip #5: Phishing emails.

Do your employees know how to recognize an attempted phishing attack, a cyber-criminal impersonating a trustworthy source in order to steal information, or place malware on your system? Your network security is only as strong as your least-trained employee.

Cybersecurity Tip #6: Limit Access

Most employees only need access to a small amount of your company’s network. By limiting access, if an employee’s account is hacked, the hacker won’t have access to your entire network.

You may also enjoy, the Now-Gen CFO