In a previous blog we looked at some of the techniques scammers use to harvest valuable information so they can hack your systems.

Some of these scams use social engineering techniques to fool business owners and employees into revealing key business data.

Just as people become alert to one technique, scammers develop another. They rely on people being friendly, helpful or simply naïve.

Make sure your team are alert to scams and develop strategies to block them.
FYI… Pretexting

Pretexting is a scam where the scammer pretends to be a genuine contact to obtain sensitive data in order to hack the system:
A caller says they’re from the business’ IT consultant and asks for login details because they’re doing ‘routine maintenance’ on an issue and need remote access to the system
An official-looking announcement appears on the bulletin board saying the number for the help desk has changed. When employees call for help, a call centre asks for their passwords and IDs, gaining access to the company’s private information
A contact might come through social media, establishing trust as a prospect interested in what the business offers, lulling you into revealing sensitive information
The friendly new reps for one of your suppliers turn up at reception with morning tea for the team and cheerful questions about your business operations and assets

With all these approaches, take a minute. Think. Who do you call to verify the contact is genuine? Is it your in-house IT Manager, your IT consultant or your General Manager?

Have procedures in place to safeguard what information is given out, when and to whom.