Cyber Defense eMagazine November Edition for 2021
Cyber Defense eMagazine November Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES See you at RSA Conference 2022 - Our 10th Year Anniversary - Our 10th Year @RSAC #RSACONFERENCE #USA - Thank you so much!!! - Team CDMG
Cyber Defense eMagazine November Edition for 2021 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, US Editor-in-Chief, Pieruligi Paganini, International Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
See you at RSA Conference 2022 - Our 10th Year Anniversary - Our 10th Year @RSAC #RSACONFERENCE #USA - Thank you so much!!! - Team CDMG
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Stop Phishing in its Tracks<br />
The Delta variant COVID-19 surge prompted cybercriminals to develop fake “vaccination requirement”<br />
emails. These phishing schemes were sent to millions of workers, with official looking <strong>for</strong>ms and links<br />
asking <strong>for</strong> recipients to confirm their vaccination status while providing valuable personal in<strong>for</strong>mation. It<br />
is a common tactic <strong>for</strong> phishing schemes to prey on people’s fear and uncertainty along with a message<br />
of urgency and possible consequences.<br />
Hackers enjoy phishing schemes because they are easy to deploy and can provide fast access into<br />
networks. The recipient clicks a link or opens an email or an attachment, and that launches malware<br />
which can infect a computer and give the hacker administrative control. And, once they have control, they<br />
encrypt the data and hold it <strong>for</strong> ransom.<br />
Preventing phishing schemes requires staff training. They need to understand the risks of opening emails<br />
and downloading attachments from unrecognized senders. Be sure to conduct training sessions with<br />
images of phishing emails, pointing out common tricks like misspelled URLs, poorly constructed<br />
sentences, and other signs of non-genuine emails.<br />
Here are some other signs of phishing emails employees should be aware of:<br />
• URLs do not match the purported business. Users can hover over the URL (place your curser<br />
over the URL or email address) to see the real destination or address<br />
• Emails asking <strong>for</strong> Social Security Numbers, bank account in<strong>for</strong>mation, and other personal data<br />
are always fake<br />
• Emails that attempt to elicit panic and suggest the recipient ‘must act’ are always suspicious<br />
• Phishing schemes often change to reflect current events, such as vaccination, political decisions,<br />
COVID “cures”, and other hot topic issues<br />
For employees, deletion is always the answer. If there is any doubt about the veracity of an email, they<br />
can simply contact the organization or individual that sent the message. Institute a policy that no worker<br />
will be in trouble if they delete a genuine email if they thought it came from a shady sender.<br />
Managing Remote Workers: Flexibility vs. Safety<br />
It is obvious remote work is here to stay. For new hires it is now considered a standard condition of<br />
employment, instead of a rare sought-after benefit. With remote work comes inherent hazards <strong>for</strong><br />
businesses to manage devices and employee actions as they relate to cybercrime risks. Ideally, business<br />
owners will provide employees with dedicated laptops and phones <strong>for</strong> work. These will come preloaded<br />
with malware protection, firewalls, and strict access points <strong>for</strong> reaching company data. It is a better route<br />
than ”BYOD” as workers tend to use their own devices <strong>for</strong> riskier behaviors that can offer convenient<br />
entry points <strong>for</strong> bad actors.<br />
There is also privacy and support benefits with corporate-provided devices. IT can control company<br />
property without worrying about stumbling across an employee’s photos or their Facebook posts.<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>November</strong> <strong>2021</strong> <strong>Edition</strong> 109<br />
Copyright © <strong>2021</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.