People don’t trust much these days. Six in ten don’t trust Facebook at all. Forty-six percent don’t trust the press at all. In fact, fifty-two percent don’t even trust polls like the ones just referenced.
Despite all this suspicion, people do still trust the people they know personally. That’s a problem, because technology makes it fairly easy for fraudsters to pretend like they’re the people you know and trust most. Consider these facts:
— You might trust messages you get from a manager or company executive, but did you know that sending a text message from someone else’s phone number is as easy as visiting a website?
— You might trust the vendors you’ve used for years – but did you know that business email addresses were reported as compromised to the FBI more than 20,000 times last year? And that’s just the small percentage that got reported to the FBI!
— You might trust your own employees, but did you know that more than 80% of data breaches are due to employees using short, easy-to-guess, or known-hacked passwords?
We’re long past the time when hackers and social engineers are just targeting large companies – they routinely steal from small towns, churches, and plenty of small businesses. Unfortunately, when you trust a message you’ve received from a co-worker, you’re trusting more than the person. You’re trusting that they aren’t being impersonated. You’re also trusting that their network hasn’t been compromised. Antivirus, firewalls, and port management are all important parts of keeping your business data safe, but despite the best efforts of technology companies, there’s only so much that can be done to protect a network’s users when their first instinct is trust.
The most valuable perimeter defense a company can build is a workforce whose first instinct when reading a message from a co-worker is “does this make sense?” Because in today’s world, if a request seems unlike that person, it’s probably not actually that person. Employees that take those five seconds to consider if a request is unusual enough to warrant giving the co-worker a call to talk about it can end up saving their companies tens or hundreds of thousands of dollars.
And besides, if your employees make a habit of asking whether situations make sense, who knows what outdated processes and unnecessary expenses they’ll find?
To learn how WingSwept can help you bring more awareness to your employees about cyberattack techniques, call us at 919-779-0954 or email us at Team_WingSwept@WingSwept.com.