Recent hacks, scams could threaten your cybersecurity
Oct. 16, 2019
This paid piece is sponsored by Eide Bailly LLP.
By Karen Andersen, manager, cybersecurity services and risk advisory
Looking to make sense of the fluid nature of cybersecurity?
We bring you the hacks, vulnerabilities and challenges of securing your daily habits and work environment. This article is intended to help you make sense of the ever-changing world of cybersecurity so you can avoid similar scenarios. View our growing list of topics below:
- Criminals Use Sophisticated Vishing in Most Recent Attack
- Car Buyers Beware of Recent Cyber Incident
- Circle of Life
- Business Email Compromise
- Recovery Companies vs. Incident Response Companies: Beware
- Island Hopping Attacks Increasing Across All Industries
- Password Management
- Another Day, Another Data Breach
- Bomb Threat Scam
- Cellphone Scams
- Do You Wear Your Cybersecurity Helmet?
- Sharing Personal Information
- Cyber Extortion – A Serious Matter
- Vacation Without Worry
- Ctrl+Alt+Delete Your Way To Security
- Before You Fill Out That Survey…
- Cellphone Porting Scam
- Scammers Targeting Tax Preparers and Client Information To Commit IRS Fraud
- The Chips in Our Computers Have Left Us Vulnerable
- Email Spoofing – Who Really Sent You That Email?
Users constantly are being tested by criminals trying to get them to click on links in emails or download malicious software. There are many technical controls in place to help prevent those types of emails from even getting into a user’s inbox, and many users are trained to spot these types of emails. Criminals know this and are testing new scams using artificial intelligence, or AI, to help.
In a recent article, The Wall Street Journal uncovered an incident of criminals using sophisticated AI to “deepfake” a CEO’s voice to call a co-worker and convince the person to wire $243,000 to a supplier. Of course, the bank account numbers weren’t owned by the supplier, and the funds quickly bounced from one country to another to avoid being tracked.
This form of social engineering is called voice phishing, or “vishing.” With the ability to use AI to learn and mimic voices on the rise, it’s only a matter of time before more criminals utilize this technology. Organizations should train users that no personnel — not even CEOs — are allowed to request money transfers without proper approvals and verification of recipients.
If you have any questions about these attacks or would like to better understand how we help our clients feel more confident about their cybersecurity, please contact Anders Erickson, director of cybersecurity services, at 208-383-4731. You also can click the get started button to submit a contact form.