Yes, it’s that time! The summer holidays have started. Many of us go out to recharge the battery and leave everything from work and home behind. Wonderful! Who wouldn’t want that? A few weeks away from everything. Yet, there is a great danger in all of this. What is that? I’ll tell you about it in this article.
The summer holidays have started, you and many other organization colleagues are going on holiday, which is good for both the employee and the organization. At the same time, this is also when the remaining colleagues get more work and have to divide their attention across several areas. And even though it is quieter in terms of occupancy or work, it remains vital to stay alert. Especially now! The holiday periods are the high season for criminals. They are not on holiday. The holiday periods are when employees and organizations pay less attention to the dangers, and criminals know this.
During the holiday periods, we often see a significant increase in the number of reports of theft. Just as criminals wait until the owners are on holiday, they also wait until the majority of your colleagues are on holiday to get into your organization. Therefore, it is essential to continue to pay attention to the awareness among your colleagues during the holiday periods. Are you doing that? Then you reduce the risk that you and the organization become the victim of a criminal.
A commonly used tool for criminals is phishing. Think about a phishing email. This is one of the oldest forms of a cyberattack. A phishing email responds to the recipient’s emotion and fishes for information. Phishing emails are becoming increasingly difficult to spot, so it’s important to be alert and stay alert. You can often recognize a phishing email by the following points:
– The sender’s email address does not match the organization.
– The email contains spelling errors.
– The sender asks for personal and/or confidential data.
– The sender makes an offer that’s too good to be true.
– The sender wants you to take action, for example, by clicking on a link.
Therefore, it is crucial to look at who the sender is and what exactly they ask for with an email that you receive. Is there a link in there? Then go over it with your mouse to see where you are being sent. If you see a URL you can’t place, don’t click! Chances are that you’re opening the door for the criminal by doing this. Do you know the sender? Then check if they have indeed sent you an email so that you can verify the authenticity. If the person has not sent anything, you can delete the email and let them take action.
Another form of phishing that is also common during the holidays is CEO fraud. CEO fraud is when the organization’s finance department gets a message to transfer a considerable amount to an account. The message is designed in such a way that pressure is applied to the recipient. The “CEO” emphasizes the relationship of authority and puts time pressure on it. But at the same time emphasizes the importance of confidentiality. Everything aims to ensure that the recipient quickly transfers the money to the named account.
Do you get a message from the CEO or someone else within the organization asking you to transfer a large amount? Always verify this, even if there is a need for haste. Are you hesitant to confirm because of the emphasis on confidentiality? Even then, you still need to verify, in such a case, always send your CEO or client a message over the phone whether the request is correct.
In the past period, we’ve all been working from home. New colleagues have also started, but you have never seen them in it. What do they look like? I don’t know! Now that we are slowly returning to the office, criminals are taking their chance to mingle with colleagues in the workplace. This way, they gain access to information. Because we don’t know some colleagues, criminals take advantage of that. Are you in the office and you see someone walking that you don’t recognize? Don’t hesitate to start a conversation and try to figure out what that person is doing. This way, you will find out whether it’s a colleague or an intruder!
Help! How do I make my colleagues aware?
As an organization, you don’t want to fall victim to these forms of crime because the consequences are incalculable. Again, prevention is much better than cure. Because next to the possible financial consequences, you as an organization also have to deal with other consequences, such as image damage. And you don’t just solve it with financial resources. In order to make your colleagues aware of the dangers and act on them, it is necessary to inform or even train them properly. There are several ways to do this.
At Audittrail, we have over 10 years of experience in raising awareness among employees. We use different solutions. This can be a phishing test (as a service), or we send a mystery guest to see where it can get within the organization. Would you like to know more about our solutions? Take a look at our Awareness solutions and download our product sheets. Would you rather have direct contact with us? No problem, you can. Please contact us via firstname.lastname@example.org or via +31 71 747 17 17.
Audittrail is an audit and advisory organization in the field of security, privacy and GRC. Audittrail supports organizations in setting up awareness programs and provides organizations with insight into the awareness level of its employees. Are you interested in how your organization responds to a phishing email, or do you have questions about this article? Let us know via email@example.com or via +31 71 747 17 17.