It is believed that new starters are even more likely to be targeted. Cyber criminals are targeting new starters to a business, via their updated LinkedIn profiles. These new starters will receive spoofing emails, which lead to instances like the voucher example.
Why new starters? Well, they are brand new to a business, and usually eager to please their new bosses. In the current climate with flexible working commonplace, they are unlikely to have met every colleague at their new job, with many introductions coming over Microsoft Teams, phone calls or email. As a result, they are often the perfect candidates for cyber criminals to target and take advantage of.
Defending against social engineering requires you to practice self-awareness. Always slow down and think before doing anything or responding to any kind of communication you receive that requires urgent action. It is worth considering some of the following questions if you suspect an attack:
- Did the message come from a legitimate person? Study email addresses when getting a suspect message. There may be characters that mimic others, such as “email@example.com,” instead of “firstname.lastname@example.org.” Social media accounts that duplicate your colleague’s image and information are also common. Ask the sender if they were the true sender of the message in question – ask in-person or via a phone call if possible.
- Suspicious links or attachments? If a link or file name appears odd in an email, consider the authenticity of the whole communication. Also, consider the context of the message itself – is the sender wishing you a good morning, when it is the afternoon, for example.
In addition to these questions, you can also proactively improve your privacy and security. Online communications are where you are the most vulnerable. Social media, email, text messages are common methods of attack for cyber criminals.
A general rule of thumb when it comes to phishing campaigns is to never click on a link sent in an email. Never engage with any URL you are unsure is legitimate. Using multi-factor authentication can also add an extra layer of security to verify your identity upon logging into your account. This is often made up of biometric information, such as a face scan or fingerprint, or temporary passcodes sent via trusted phone numbers.
Using strong passwords and a password manager can also shore up your company’s cyber security. Each of your passwords should be unique and complex, but storing them in Keeper Password Manager with Neuways will help keep them safe and secure for your business to use.