Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Five social engineering scams employees still fall for

Stacy Collett | Sept. 22, 2016
You’ve reminded your employees countless times with posters and games and emails about avoiding phishing scams. Still, they keep falling for the same ploys they’ve been warned about for years.

Redmond suggests that if a colleague asks to connect on any social network, then email their legitimate work address and ask if they’ve requested to connect with you. “It’s an easy way to keep yourself out of hot water,” he adds.

5. Social media surfing at work

Employees who surf Facebook, Twitter and a host of other social media sites can potentially open the door for cyber thieves because the scams require less work for them, and it’s also a relatively new area of awareness training for employees.

“Think about that ROI from the bad actors’ perspective,” Redmond says. “Instead of having to send 1,000 emails (to get one hit), I can get them to my page with one post.”

Social media’s cyber risk is still a topic that employees understand the least – with an average of 31 percent of questions missed regarding security awareness on the topic, according to Wombat. However, 76 percent of organizations surveyed enable employees to use social media on their work devices. This puts organizations at significant risk considering the lack of understanding in the area.

“I speculate the reasons why organizations are doing so poorly is it’s still fairly relatively new,” says CTO Trevor Hawthorn. “We’re also seeing a younger workforce. There is a belief in the industry that those employees will just click on anything. I think there is something to that.”


Previous Page  1  2  3 

Sign up for CIO Asia eNewsletters.