iStock-182365879  - iStock 182365879 - Successful Pretexting Attacks Have Nearly Tripled since 2017

are a growing threat to organizations, warn Chris Tappin and Simon Ezard from the Verizon Threat Research Advisory Centre. Verizon’s Digital Breach Investigation Report shows that 170 data breaches this year were caused by pretexting , compared to 61 in 2017. Tappin and Ezard attribute this rise primarily to poor security policies and a lack of security awareness among employees.

Pretexting is a targeted, social engineering-based attack in which attackers use continuous dialogue to build a sense of trust with the victim. By creating a fabricated scenario and posing as a senior employee or a trusted vendor, attackers manipulate victims into willingly giving up sensitive information, granting to systems, or even transferring money. These attacks are surprisingly effective because they target the human element and are often able to compromise systems that have appropriate technical defenses in place.

Tappin and Ezard believe that security professionals often face “decision paralysis” brought on by the multitude of varied threats to their organizations. They recommend that these professionals focus first on ensuring that basic, fundamental security principles are being followed by employees. Phishing and pretexting are not highly-technical attacks, yet they are among the top ten causes of all data breaches. Even the most sophisticated attackers use these methods because they are so effective.

Tappin and Ezard say that organizations need to educate their employees about malicious activity and compel them to respond if they see something suspicious. For example, employees should be encouraged to question strange or unexpected emails from their superiors. Pretexting attacks are successful when employees are unaware of the techniques used by attackers. New-school security awareness training can a culture of security within your organization by ensuring that employees are constantly on the lookout for suspicious behavior.

CSO has the story: https://www.cso.com.au/article/648201/how-defraud-company-just-ask/


Find out how affordable new-school security awareness training is for your organization. Get a quote now.

 



Get A Quote  - a8252926 7187 4c02 9dd4 933c17d712b1 - Successful Pretexting Attacks Have Nearly Tripled since 2017



Request A Demo  - 2af0f76d 67ca 4454 9896 5cb1da9b1f50 - Successful Pretexting Attacks Have Nearly Tripled since 2017

 



Source link
Based Blockchain Network

LEAVE A REPLY

Please enter your comment!
Please enter your name here