We hope everyone is familiar with the phone scam where a person calls and pretends to be an IRS or FBI agent and they try to get private and sensitive information from you.  The bad guys are relying on you to be a good citizen and use social engineering cues to pressure and persuade you they are “real” and that you are under threat unless you “cooperate” with their requests.  Hopefully, you just hang up on the persons making these fraudulent calls.  Here is the new twist that takes this to further extreme that we will call “Brazen Social Engineering 2.0”.

Now that the bad guys have established you are a “real” person, they will continue to call and be more aggressive to convince you to give them private information.  They are going so far as to research public databases.  For instance, if you have a court order, they will use your actual case number to sound convincing.  Pretty scary…

Now imagine these same tactics being applied to your business.  Through phishing attacks, we know that cybercriminals are sending false invoices to be paid.  They have ramped up the attacks to include follow-up “bullying” emails questioning why payments haven’t been made, PLUS, they are layering threatening phone calls to key employees.  Can you imagine one of your employees getting a call like that from a sophisticated trained hacker asking for payment on a fraudulent invoice?  That’s brazen! 

Now picture this is happening to your company.  Who would answer the call from the hacker? Do you have a picture in your head of who that person would be?  Then, ask yourself these questions:

  • Will your employee stand firm and not fold with the social engineering pressure? 
  • Will your employee open the email with the false invoice and possibly release a virus into your IT environment and possible compromise your company’s data?
  • Will your employee simply forward the email to a coworker to avoid the issue?
  • Or will your employee be trained and confident enough to dismiss these kinds of attacks?

If you don’t whole-heartedly pick the last option, we can help you block those types of phishing attacks in the first place AND train your employees to spot fake emails and scams should something ever get through to your network.

If you want the confidence to know your company is protected from Brazen Social Engineering attacks, please give us a call. To support Cybersecurity Awareness Month, we are offering a FREE CyberSecurity Threat Analysis, a FREE CIS 20 Controls Report to see if your company is in compliance to the State of California requirements AND FREE Cybersecurity Training for your employees.

Call JR-Tech at 951-319-4080 or online at www.jr-tech.com/cybersecurity