What is Phishing?
We are glad you asked. Phishing is a method used to disguise oneself as trustworthy in order to get sensitive information such as usernames, passwords, personal information, credit card, bank details and more. It can also be used to get a virus (or malware / ransomware) onto your computer or server, similar to what shut down the Toll Group earlier in February 2020.
The scary thing is that sometimes email doesn’t even need you to click on a bad link or download a malicious attachment to impact your business. A misconfigured email solution or an employee reusing their password can also let a hacker steal your identity and take control of your environment. For example, if someone uses their work email address and password to sign up for a local gym membership and if that gym account then becomes compromised, your work account could be waiting for the next criminal to buy and become the gateway into your organisation.
Cyber criminals know email is a common method to perform sensitive business and, after compromise, can act quickly with ransomware for the right opportunity. This can even mean putting themselves in-between your business and clients.
What’s the harm?
When they strike, they could have that wire transfer, sensitive business details and worst of all, your company reputation.
In 2019 and into 2020, Vincents has seen an increase in incident response / computer forensic cases where hundreds of thousands of dollars were swindled out of organisations caused by a compromised email account.
An Important Message
While every effort has been made to provide valuable, useful information in this publication, this firm and any related suppliers or associated companies accept no responsibility or any form of liability from reliance upon or use of its contents. Any suggestions should be considered carefully within your own particular circumstances, as they are intended as general information only.