We all pay special attention to our customers. It’s part of providing top-level service. Without clients, we don’t have money to operate our business. If you’re like many companies, you’ve whitelisted the domains of all your clients to make sure their emails bypass most of your spam filters and get to you. Fast response to client requests is a hallmark of good customer service, right?

So, when an email arrives from a customer asking you to look at something they have a question about, you naturally open their file or click on the link.

You’ve just been hooked through a phishing scam. The results can be anything from an attempt to steal your password to injecting code into your computer, server, or network to steal data, install ransomware, or all of these.

Vendors are a special threat because an efficient organization is constructed to pay its bills. An invoice arrives, payment is sent, supplies keep arriving. All is good unless your money is now sitting in some foreign country.

Consistent Data Management across the business is the first step to maintaining security for systems and users.

What to do?

Of course, there are automated systems that look for tell-tale signs of malicious content in an email and either provide warnings or prevent internal delivery. These systems have improved dramatically in the past 12 months, and you should deploy them judiciously. However, the last line of defense will always be understanding and caution on the part of your employees and, most importantly, your executives.

Testing and training programs for phishing emails are available commercially from many sources and should be operated continuously. We see dramatic improvement across all employees simply by participating in these programs and reporting results to each employee.

