More IT Scams Aimed at Millennials
A new study reveals that cyber crimes using IT scams targeting Millennials is big business.
During the holidays or throughout the year, cyber vigilance is important for businesses and consumers. HR takes a big role in training users and departments in recognizing, evaluating, and acting appropriately to contain risk due to threats like social engineering and phishing schemes.
In findings from a recently released Norton Security report, Millennials are now the leading victim group for cybercrime, surpassing even the elderly. Surprised? Don’t be—it happens to a lot of people.
Key takeaways about the present state of cyber crime
This is the year that cyber crime established itself as a major criminal enterprise. While hacks and information breaches were once infrequent enough to garner major headlines, cyber crime is now carried out every day as more bad actors jump online looking to make some pocket change or grab a larger piece of the action.
Business, regulated industry, healthcare, and transportation infrastructure are increasingly targets of online criminals. And that doesn’t include attention-gaining moves like the October surprise Distributed Denial of Service (DDoS) attack on internet infrastructure provider, Dyn, that made many East Coast website concerns such as Netflix impossible to reach.
The new Norton Security report highlights the following facts:
- People are aware of the need for cyber security, but choose to overlook the risk
- Many people do not recognize spoof and real email
- WiFi hotspots are a real problem if you do not use a VPN
- Consumers do not consider cyber connections as part of their overall home security
For many, data theft seems inevitable—so why try? For businesses this dangerous attitude must be avoided at all cost. A well-publicized cyber attack (think Target, Yahoo, or LinkedIn) can deter future business opportunities, cause irreparable reputational harm—and sometimes put smaller businesses out of work. Business continuity planning is essential to identify risk and avoid future threat.
Keep your workplace informed of cyber best practices
Cyber security in the workplace is critical training topic. Consider adding a cyber security walk-through to your onboarding process if it does not already exist. We talked earlier about tactics to avoid cyber intrusion, like social engineering and phishing.
Phishing expeditions focus on personnel at all levels of an organization. It could be a call from someone pretending to be a customer, or an email from someone unknown. From customer service to the C-suite, some quick tips for avoiding a malware download from an infected phishing email include:
- Be suspicious of sender and subject line. Most people have received electronic mail, or images, from the email account of a friend. The subject line could say, “Look at this!” or any other phrase that might encourage you to take the click bait—don’t.
- Do not click on links embedded in an email. If you want to, type the website address in a new browser window.
- When in doubt, contact the supposed sender to ask about the email, delete it, or forward it to your IT department.
Cyber security is not limited to the electronic environment. Just some of the policies to consider for securing your electronic and physical work landscape include:
- Locking computer screens and securing work stations
- Proper electronic document handling, including email and file retention
- Access avenues to confidential or sensitive company information
- Transmission of confidential data and working remotely
- Handling storage of confidential information on devices, including flash drives
- Using personal mobile devices to transmit or store confidential company information
- Third party vendors, vetting, and network security
- Onsite physical security, policies for dealing with vendors and strangers in the facility
Numerous resources exist to guide consumers and businesses in methods to protect and mitigate cyber invasion. For most companies, data breach is not a matter of “if,” but “when.” Be ready to meet the challenge when it arrives.