Your phone rings or you receive an email. This is your line manager or the CEO of your company alerting you to an urgent problem. If you do not comply, the company is at great risk and your position itself is at risk. You will then be asked to transfer money or provide sensitive information.
If such a situation occurs, you are likely the target of a scam. The cybersecurity company Kaspersky precisely returned in a recent blog post to this scam which is wreaking havoc.
What are the specifics of this attack?
This scam is based on mechanisms that allow it to often hit the mark. Indeed, by posing as a superior, the employee will often not dare to question orders.
Likewise, malicious actors install a sense of urgency in their targets. However, we know that in such cases, it is difficult to stop and think, and these situations are conducive to making mistakes.
Clever, these cybercriminals demand absolute secrecy from the victim to prevent them from discussing the incident with colleagues or other superiors. Also be aware that some scams are very targeted and sometimes very well designed.
We particularly remember this incredible story that occurred in Hong Kong, where an employee of a multinational company agreed to pay 25 million dollars during a video where all his interlocutors were only a deepfake recreation of leaders !
How to protect yourself from risks?
Faced with this very concrete threat, Kaspersky offers tips to avoid the worst. Above all, you should not panic, because that is precisely what scammers are looking for. For example, don’t hesitate to hang up if you feel something is wrong to verify the facts mentioned.
Check if the email address or phone number matches the person you’re talking to. However, this is not an exact science, as experts explain:
Unfortunately, cybercriminals sometimes use fake email addresses that are difficult to distinguish from real ones, or hacked email or instant messaging accounts. All of this makes detecting tampering much more difficult.
You must also be attentive to certain details, whether his tone or his writing are different from usual. If your boss addresses you in a formal manner when he is usually much more relaxed, this is a sure sign.
In the event of an unusual order, do not hesitate to contact your colleagues to verify information, even if you have been asked to keep a secret. You can also try to contact your contact again. If you have been targeted by an impostor, they will not understand your request and you will be fixed.
Finally, you should warn other employees as well as the police. It is indeed possible that these scammers are targeting other people within the company.
-
-
