IT Solutions Consulting’s Post

🚨 A very informative article on how cybercriminals recruit insiders for malicious acts. Employees can pose a unique type of threat to an organisation. Most employees are not malicious, and they ought to be trusted with access to the data and systems needed for performing their tasks. However, those who are lured by a variety of methods to use their positions to assist in criminal enterprises can cause significant financial and reputational damage to their employers. #cyberthreat #insider

Utilize Microsoft Entra ID Identity Protection to detect and mitigate identity-related risks, such as suspicious sign-ins and compromised accounts, in real-time. #Entra #IdentityProtection

Utilize Microsoft Entra ID Identity Protection to detect and mitigate identity-related risks, such as suspicious sign-ins and compromised accounts, in real-time. #Entra #IdentityProtection

Phishy, phishy! I received this email from "AT&T Business," which looks legit except when you look closer. Look at all the "we" terms and then a sudden switch to "I." I felt in my gut this wasn't legitimate so I called AT&T and they confirmed it's a phish attempt. They recently had a large data breach unfortunately. Not sure if this is telling from that, but wanted to share as an encouragement to be shrewd in how you and your teams approach emails. Don't just blindly click on things. Check the email sender. Check with the source before replying if it doesn't look or feel right. Hover over website links without clicking to see what it's really leading to (although sometimes they mask this so that should be the last factor). AT&T said they will never send an email with a login in the email body. Let your gut speak to you. Use good judgement and stay safe! #ATT #Phish #InternetSafety #ITSafety

When Your Boss Suggests Switching to Signal... Per a recent FTC court filing, it looks like Jeff Bezos is recommending Signal as his main messaging app. Given his past experiences with security breaches (namely, the Pegasus Malware incident via WhatsApp), his preference is understandable. However, when your boss suggests switching to Signal, it may raise a few eyebrows. Renowned for its robust security features, Signal is quickly becoming the go-to platform for #offchannelcommunications. Yet this can pose challenges for organisations trying to retain records, especially during disputes or investigations as these communications are critical but often inaccessible. This is critical in the financial services industries - just look at the record number of fines issued by the SEC and DOJ for the widespread use of these applications by broker-dealers and investment advisors. There are strategies to manage these risks from solid corporate policies to communication monitoring software, and, yes, digital forensics tools can help mitigate these issues. Potentially, even prevent future emails like the below. How is your organisation (or your clients) adapting to these changes in communication preferences? Are your compliance strategies keeping pace with technological advancements? Feel free to reach out to me or any of the #FRA team to explore how we can help you navigate these challenges. #eDiscovery #DigitalForensics #CorporateCommunication #Compliance #JeffBezos #Amazon #offchannelcommunications #signal

Some time ago, I touched on how the proliferation of #deepfakes would change the threat landscape, making social engineering attacks more effective. Last week, a Chinese multinational company lost $25 million to a deepfake #scam. The attackers used video recordings of three company executives available to the public to create a deepfake recording. They then used this recording to instruct an employee to make a fraudulent payment on a video call. It's the first time scammers successfully used deep fakes to orchestrate a scam of this magnitude, and it will only worsen over time. Sadly, not just big corporations will be targeted, but also individuals like you and me. So, what can you do to protect yourself, your business, and your loved ones from these threats? Apply zero trust principles: "Never trust, always verify." For interactive deepfakes like phone and video calls, if the caller is making an odd or sudden request, verify their identity through a different means before acting on their request. The same solution applies to businesses. All payment requests or transactions involving large sums should undergo a thorough verification and approval process. Furthermore, hire experts to educate your #employees on these new threats and how they can protect themselves. To read more on this, check out the article: https://lnkd.in/dpkhsmeh Stay informed and stay safe. #DeepFakeThreat #CyberSecurityAwareness

Email, phone, name, address, and IP used to be enough data about your users. Now, you need more. Job, company, gender, age, locations, hobbies, etc. – dig deeper with TRUSTY. — Check their social networks and registered platforms. — Is your contact associated with any red flags? — Crime, sanctions, PEP/RCAs lists? — Scan for data breaches. — Verify the email's validity and existence. — Is that IP trusted or is it a proxy/VPN or abuser? Once you have the full picture, you can: ✔ Fortify your anti-fraud security. ✔ Supercharge your contact database and CRM. ✔ Enhance your email campaigns. ✔ Ensure your customers comply with regulations. Data challenges shouldn't hold you back. Take charge today. Transform your data into an asset that propels your business. TRY FOR FREE >>> https://trusty.team #DataEnrichment #DataTransformation #DataQuality #BusinessIntelligence #StrategicInsights #Trusty

#Business_Email_Compromise Market Share Expected Huge Growth during 2023-2032 https://bit.ly/3IoQKm4 #Business email compromise, also called #email account compromise, is a #type of scam targeting #accounts of #organizations that conduct wire #transfers across the world. In these #scams, #cybercriminals send an email that appears to come from a reliable #source, making a #legitimate #transaction request and ending up with #financial #fraud. Agari Armorblox Abnormal Security Cloudflare Area 1 Security Barracuda Networks Broadcom Inc. Clearswift Cisco Checkpoint Therapeutics Inc Fortinet #opportunities #statistics #investment #technologies #emailsecurity #compromiso

I found out earlier this week another local business fell victim to a #vishing scam for over $350k. The employee walked out with all the cash and delivered it to a "lawyer". I wonder why vishing scams have been more successful in recent years? I have a theory! Over the past few decades, the way we communicate has changed greatly. Once upon a time, making a phone call was the primary means of communication. Don't believe me? Hey Gen Z what's this? ☎️ We have so many ways to communicate now that don't require actual speaking. 💥Email 💥Text 💥Social media (DM) I still remember when AOL Instant Messenger and T9 texting came about. (Leave my age out of this 😂). It's as though speaking on the phone is a lost art. Some of us don't even know what our managers and people of authority sound like on the phone. Some people have whole relationships through text messages. It makes it much easier to trick someone and criminals know it. Many of them aren't even using AI voice cloning so imagine those calls. Human behavior changed and now we have to adapt. The first step is awareness and training. Take the time to Pause, Think, and Verify. #fraud #fraudhero #cybersecurity #socialengineering #pausethinkverify