A long time ago (in the early 2000s), I was playing games online. One of my accounts was compromised – the password was changed, and multiple “high-priced” items I had earned were “traded” without my knowledge, to the account of another player. One could easily blame my simple password at that time when there were no rules around password strength. Regardless of the reason, what happened was one of the earliest versions of an account takeover (ATO) attack.
This post is about LinkedIn – a go-to professional networking and jobs platform – a feature that allows outside individuals (not belonging to the target organisation) to post jobs on an organisation’s behalf. Whether you call it posting scam jobs on LinkedIn, phishing the LinkedIn users or any wider campaigns based on the drivers – it is a recipe for Identity fraud.
Every day, billions of emails are sent out, some legitimate, while others are used to target unsuspecting users. According to the FBI, phishing attacks were the most common type of cybercrime in 2020. The reason these are so commonly used is because phishing tools are easy to get a hold of and attackers are taking advantage of the weakest link when it comes to security – the employees.
In an age when attackers create over a million phishing sites each month, and phishing serves as a beachhead for 95 percent of all attacks against enterprise networks, how can businesses respond? Part of the answer lies in educating users to recognize and report phishing, of course. But user education only goes so far – particularly because the same statistics cited above show that, on average, only 3 percent of users will report phishing emails.
Cybersecurity attacks come in all sorts of ways and from all directions, so perhaps we should not be surprised at one of the latest trends in thieves trying to steal your organization’s data — “vishing” attacks, where they use the plain old telephone.
Social media platforms are excellent hunting grounds for scammers. This is where we connect with our friends or people who we have something in common with. This is precisely what scammers exploit—our connections and the trust that is afforded between friends or acquaintances. From an early age, we are taught to be kind and compassionate as well as to help others, especially people we know such as friends and family. In turn, they will help us if we ever need it.
Imagine, it’s a Saturday morning and you receive a call from a bank: – Hello? – Hi [insert your name], we suspect that a fraudster is trying to use your card at a grocery store in Texas. – Well, I am at a grocery store in Texas! – Oh my gosh! Do you see him? If only credit card fraud was funny.
Scammers target businesses with phishing emails all the time, pretending to be legitimate customers or vendors asking for payment. While any company can be vulnerable to this type of attack, small- to medium-size companies are particularly vulnerable because it is easier for a scammer to do a bit of research online and identify the right people to impersonate or send a phishing email to.
Fraudulent phone calls have been an issue for years, and they’re becoming more common. According to a recent report from Truecaller, 59.49 million Americans lost money to scam calls in the past year, costing $29.8 billion. These threats have risen in both number and cost, and businesses can’t afford to ignore this trend. Small and medium-sized businesses are popular targets for fraud, as they often have less security.