Simply Smart Now Part of LeadingIT Learn more
Our knowledgeable team will support you organization, allowing your staff to get the most out of your technology.
We implement layers of protection to ensure your organization is secure.
Using best practices, we proactively protect your organization from becoming a victim of cybercrime.
As a Datto Blue Diamond Partner we secure your data with industry leading backup and disaster recovery solutions.
We are committed to offering you the right technology that works for your business.
LeadingIT understands the technology needs of your business and offers computer, network and cybersecurity support to help you get the most out of your technology.
Read why businesses small and large across Wisconsin, Illinois and Indiana choose LeadingIT.
Working at LeadingIT means joining a group of people obsessed with taking on the real challenge of cybersecurity and helping businesses.
Stay up to date on the latest security threats your business faces and get tips on how to stay protected and informed.
Lexology had an excellent post from Ogletree Deakins by Rebecca J. Bennett and Danielle Vanderzanden, related to a crafty new phishing scam they warned about and that you should be aware of, because it has bad guys in real-time behind it, reinforcing the scam with quick answers via email.
These scams are affecting employers nationwide without regard to their payroll portals or payroll service providers:
“Employers beware: Companies are experiencing a wave of phishing scams that target employee paychecks.
Here is the scenario:
Bennett and Vanderzanden have the following recommendations:
“The threat actors are doing substantial due diligence on the social engineering side of things, and these e-mails look real. In many circumstances, they are effectively spoofing the sender’s account, and employers are learning of the scam when employees begin reporting that they did not receive their direct deposits. By then, the damage has been done.
In addition to diverting funds, the scam creates a data breach for the employer and triggers notification obligations. Failure to take prompt action may result in penalties and liability to unsuspecting employers.
Employers may want to immediately take the following precautions to avoid security breaches as a result of these phishing scams:
This is a link to the original article:
I suggest you send the following to your employees, friends, and family. You’re welcome to copy, paste, and/or edit:
There is a new Direct Deposit phishing attack you need to watch out for. It’s a sophisticated scam that starts with an official-looking email that asks you to click a link and access a website. Next, they ask you to confirm the data with your real username and password. Last, they use your info to access payroll portals, and reroute your direct deposit amounts to bank accounts owned by the bad guys. The lesson here is to never give anyone your credentials in response to an email… Think Before You Click!
Microsoft Confirms: Sending Simulated Phishing Attacks to Your Employees Is a Must
Well, Microsoft just legitimized the whole new-school security awareness training market!
I’m pleased to note that Microsoft has finally acknowledged that organizations need to send simulated phishing attacks to their employees with the announcement of a new feature called Attack Simulator. Part of its online Office 365 offering, Attack Simulater allows an email admin to send phishing attacks to determine how employees respond.
We consider the addition of Attack Simulator to Microsoft’s online Office 365 offering a win for our industry. In adding this feature, Microsoft has done what it always does: observe the market for innovative companies that create new markets, and then include a ‘checkbox’ feature with limited functionality so that their marketing can say: ‘Yes, we do that’.”
Old-school security awareness training doesn’t hack it anymore. More than ever, your users are the weak link in your network security
Founder and CEO
Reblogged by: Stephen Taylor
©2023 LeadingIT. All Rights Reserved.