When it comes to cybersecurity, human beings continue to be an organisation’s weakest link. Careless practice online plays into the hands of opportunistic attackers. Whether through falling for phishing scams, insecure disposal of sensitive information, failure to install fixes or leaving devices unencrypted, the vast majority of cybersecurity mishaps come about due to human error.
Business Email Compromises (BEC) are a growing phenomenon; as they are easy, cheap and hard to detect. Attackers target companies that send money via international wire transfers, and then use social engineering to commandeer bona fide email accounts – creating authentic-looking personas to syphon off funds into bogus accounts.
To counter this threat, staff should be trained to be vigilant for email irregularities in corporate style, spellings, greetings and address anomalies. Other precautions include tightening up wire transfer etiquette, telephone verification of money transfers and, above all, multi-factor authentication.