New Year - Same Threats Only Better!

welcome back to another episode of cappuccino chat this time it's a whole new year but we got the same old threats well it's a new year but we have the same threats and what do I mean by that well things aren't really changing as far as how these threat actors are trying to attack us with the fishing emails and trying to get people to open things and log in and do different things but what is changing is the fact that they're now using art artificial intelligence so that AI is making things much much harder for us to spot the fact that they are not legit so we really need to concentrate on training our employees and ourselves to watch out for what we're doing because it's not as obvious like I said before the grammar is much better the graphics are better the email addresses are getting trickier and trickier to spot we really need to pay attention to those emails that we get from different people and it may come from legitimate sources so remember a lot of times these attackers are using there may be somebody that you do business with that has been breached and compromised so therefore they get their email list they see what's going on again these attackers are not being malicious they're trying to see what data is there before they do anything and they're using that data to their advantage to spread to other businesses so let's say you get invoice or materials from one of your partners vendors so on and so forth you're used to getting things from them what they'll do is uh copy their signature uh line if they've got some graphics down there nice signature they'll copy all those different things um and they'll make it look like it's coming from them they may send an invoice hey sorry about this um we missed invoice to you last month here's the corrected invoice can you please uh remit payments as soon as possible your used to getting invoices so someone might go ahead and click on and open up that invoice at that point depending upon what's being done your machine at that point could be compromised that's how fast it can happen now we don't want to punish employees for accidentally doing something we want them to understand that accidents do happen but they need to report it immediately hey I think I might have clicked on something that's not not legit let's do something let's talk to our it guys let's call Southwest networks have them look at our computer and see what we can do there are additional layers of security that we can put in place if you've so chosen with like zero trust application wh listing to prevent even these accidents from happening and being able to do the full payload now you might be thinking why is someone going to be trying to get my data I don't have anything of value well you do have a lot of data that is valuable not only do you have information possibly on your customers and who they are like I said correspondence with them email right but you also have information on your employees Social Security numbers addresses so on and so so forth so they can create false identities we got tax season coming up file fake tax tax um refunds and get those now we've heard about those in the last I don't know how many years since before covid or especially during Co where people were going to file their taxes and finding out well somebody already filed their taxes so we really got to watch these things and protect both our business our clients and our employees from these different things so if they got into your systems they could then spread to your customers vendors and so forth and if it's determined that the spread came from you you could be partially liable or they could go after your insurance things of that nature for damages so we want to make sure we limit that as much as we can again there are no guarantees when it comes to this stuff as soon as we put something in place the bad guys find a way around it but that's not to say you can't do what a reasonable person would be expected to do a reasonable person nowadays is expected to provide additional security and training to their employees the application whitelisting is another thing that can really really help you um prevent a lot of these things where it won't allow these malicious applications to be installed because they're not on the approved list but the most important thing is training our employees if you don't have a formal training solution in place for your employees and yourself please reach out to us at 760-770 5200 and ask about our cyber awareness training program thank you