It happens all too often, where a company employee is targeted by a scam or hack attempt and the crook wins. One of my client’s employees fell victim to a mobile phishing scam their first week on the job. They received a text message from someone claiming to be their new boss by asking them to purchase gift cards to later be given to customers. Following the direction of their new boss, the employee purchased over $500 in gift cards that were sent electronically to the scammers phone number, all purchased using the company credit card. Only after the transactions were completed did the employee come to find out that the number was from a scammer.
These types of phishing scams are so easy to spot but also so easy to fall victim of. New employees are less likely to know what to look out for which makes them easy targets.
Here are some example of phishing emails that can easily trick your employees into responding to their “urgent” messages:
- Clicking an attachment
- Enabling macros in Word document
- Responding to “new” numbers or email addresses
- Updating a password
- Responding to a social media message
- Using a new wi-fi hot spot
These scammers typically ask for sensitive personal or company information, such as:
- Date of birth
- Social security numbers
- Phone numbers
- Credit card details
- Home address
- Password information
How do you think your new employee might respond to an email asking for any of these details?
Without offering your staff proper training, even the most tech-savvy employees can fall for a phishing scam. It is essential to offer routine security training to your staff, ensuring that you include the following will set your company up with the best defense:
Make Time to Train Your Team:
Time is a valuable thing, for you and your staff. It is easy for security training to be pushed down your priority list; however, the benefits far outweigh the potential costs. If you don’t have time or are unable to offer such training, hire a third party like Now IT Works to support you in this area. An experienced IT company will know exactly what to look out for and can prepare your staff with the right knowledge to ensure success.
Make Training an Ongoing Effort:
Hackers and spammers continue to adapt their strategy to trick employees into thinking they are legit. Stay one step ahead by offering your employees ongoing security training and best practices. One training per year, or at the time they are hired, is just not going to cut it. Education around how to spot things, like phishing attempts, need to remain a continued effort if it is to be the most effective.
Ultimately, the best way to protect your company from threats is to equip your team with the best possible defense. Ongoing education will ensure that security is always on the minds of your staff as they go about their workday. Don’t skip this important portion of your security plan.
Be proactive against any risk to your companies security by implementing these important strategies today.
If you have concerns about the security of IT system, please reach out to me today.