Connect with us

Featured

It’s Safer Internet Day: prepare for unprepared customers

Organisations can no longer rely on their customers being cyber aware about malicious mails exploiting their brand, writes HEINO GEVERS, cybersecurity specialist at Mimecast

Published

on

Over the past 12 months, South African public and private sector organisations have fallen victim to a range of sophisticated cyberattacks that have disrupted business operations and resulted in reputational damage, loss of productivity and finances.

Most organisations have to protect against a growing list of attacks including phishing, ransomware, impersonation fraud and insider threats. IT security teams are often overwhelmed and under-resourced, making it increasingly difficult to detect and defend against cyberattacks. That many end-users remain unaware of how to identify and stop incoming threats only adds fuel to the fire.

But beyond protecting their own organisations from these attacks, security leaders need to take an expanded view that protects their customers too. Especially as we mark Safer Internet Day (today, 11 February), organisations can no longer rely on their customers being cyber aware when it comes to malicious mails exploiting their brand.

In the past, service providers tended to pass the buck when their customers fell victim to a scam impersonating them. It was easy to blame the individual’s misfortune on their own poor cyber awareness. But as cyberattacks have become more sophisticated, the buck now stops with the brand.

Organisations are no longer excused from looking beyond their own security perimeter to protect customers and partners. It’s surprisingly easy for attackers to impersonate a brand on the internet. Even an unsophisticated attacker can register a domain similar to a well-known brand and draw customers, partners and the public to it. Because there’s an underlying level of trust in the brand they are impersonating, there is an elevated risk of customers clicking on a link that deploys malware to their device, or sharing personal information that is used later for financial gain.

Nine out of ten cyberattacks globally use email as the primary attack channel. Business email can be used to give criminals access to confidential information, gain control over an organisation’s IT assets and disrupt business operations. 

We advise that organisations employ a cyber resilience strategy by implementing effective security controls to detect and protect against a cyberattack, advanced archiving and business continuity tools to ensure productivity during an attack, and the ability to quickly recover data and restore business systems in the wake of an effective cyberattack.

Effective security controls must include protection from external threats at the email perimeter and internal threats within the network and organisation. They then need to look beyond the perimeter to ensure their brand isn’t being impersonated to target external email users like customers.

While it might seem obvious, there are still some organisations that aren’t protecting themselves from emails containing malicious links or malware within attachments.

First and foremost, organisations need to implement effective controls at the perimeter to detect phishing, spear-phishing and malware attacks. But it doesn’t stop there. Criminals often try to bypass perimeter security by using a compromised employee’s account or social engineering to transmit email from an internal network, which can then expose organisations to immense risk. All it takes is for one employee to click on a malicious link or open a compromised attachment to put the entire network at risk. Regular awareness training should be the norm for South African organisations to ensure their employees have the knowledge to identify and avoid risky behaviour.

Protecting an organisation from brand impersonation is then the third and often overlooked step to ensuring pervasive protection.

Organisations should look at tools such as DMARC to protect the domains owned by the organisation from impersonation and fraud. This should be supported by the ability to proactively hunt for domain and brand abuse, and the power to take down fraudulent sites aiming to exploit customers and partners. Unfortunately cyberattacks like this leverage and can ultimately destroy value and trust that a brand owner may have taken years or decades to build.  So, it’s really in the interest of the brand to take the correct measures to prevent this from happening.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Featured

Alexa can now read all messages

For the first time, an Alexa skill is available that makes it possible to listen to any kind of message while driving

Published

on

For the first time, Alexa users can now hear all their messages and email read aloud.

Amazon’s Alexa has become a household name. The world’s most popular virtual assistant is getting smarter every day and now, with Amazon Echo Auto, it’s in cars too. 

“In today’s highly connected world, messaging in the form of emails, texts, Facebook Messenger, WhatsApp and work channels like Slack, are integral to our daily routine,” says Barrie Arnold, chief revenue officer at ping. “However, distracted driving is responsible for more than 25% of car crashes and thousands of preventable fatalities every year.” 

ping, a specialist in voice technology founded by Arnold and South African Garin Toren, has developed a new Alexa skill as a companion to its patented smartphone app, that enables any message type to be read aloud. Designed for safety, productivity and convenience, “pingloud” is the first skill of its kind for keeping users connected when they need a hand or an extra pair of eyes.

“The ping Alexa skill is specifically designed to help drivers stay off their phones while giving them exactly what they want – access to their messages.” says Toren, ping CEO. 

Opening up Alexa to developers has resulted in an explosion of new skills available either for free or for a fee that unlocks premium services or features. These tools magnify the usefulness of Alexa devices beyond common tasks like asking for the weather, playing music or requesting help on a homework assignment. According to App Annie, the most downloaded apps in 2019 were Facebook Messenger, Facebook’s main app and WhatsApp, highlighting the importance of messaging. 

“The ping Android app is available worldwide from the Google Pay Store, reading all messages out loud in 30 languages,” says Toren. “The iOS version is in global beta testing with the US launch coming very soon.” 

Once you’ve signed up for ping, it takes a few seconds to link with Alexa, enabling all messages and emails to be read aloud by a smart speaker or Echo Auto device. Simply say, “Hey Alexa, open pingloud.” ping links an account to a voice profile so unauthorised users with access to the same Alexa cannot ask for the authorised user’s messages.

All major message types are supported, including Texts/SMS, WhatsApp, Facebook Messenger, WeChat, Snapchat, Slack, Telegram, Twitter DM’s, Instagram, and all email types. Promotional and social emails are not read by default.

*For more information, visit www.pingloud.com

Continue Reading

Featured

Coronavirus to hit 5G

Published

on

Global 5G smartphone shipments are expected to reach 199 million units in 2020, after disruption caused by the coronavirus scare put a cap on sales forecasts, according to the latest research from Strategy Analytics.

Ken Hyers, Director at Strategy Analytics, said, “Global 5G smartphone shipments will grow more than tenfold from 19 million units in 2019 to 199 million in 2020. The 5G segment will be the fastest-growing part of the worldwide smartphone industry this year. Consumers want faster 5G smartphones to surf richer content, such as video or games. We forecast 5G penetration to rise from 1 percent of all smartphones shipped globally in 2019 to 15 percent of total in 2020.”

Ville-Petteri Ukonaho, Associate Director at Strategy Analytics, added, “China, United States, South Korea, Japan and Germany are by far the largest 5G smartphone markets this year. The big-five countries together will make up 9 in 10 of all 5G smartphones sold worldwide in 2020. However, other important regions, like India and Indonesia, are lagging way behind and will not be offering mass-market 5G for at least another year or two.”

Neil Mawston, Executive Director at Strategy Analytics, added, “The global 5G smartphone industry is growing quickly, but the ongoing coronavirus scare and subsequent economic slowdown will put a cap on overall 5G demand this year. The COVID-19 outbreak is currently restricting smartphone production in Asia, disrupting supply chains, and deterring consumers from visiting retail stores to buy new 5G devices in some parts of China. The first half of 2020 will be much weaker than expected for the 5G industry, but we expect a strong bounce-back in the second half of the year if the coronavirus spread is brought under control.”

Exhibit 1: Global 5G Smartphone Shipments Forecast in 2020 1

Global Smartphone Shipments (Millions of Units)20192020
5G19199
Rest of Market13941165
Total14131364
 
Global Smartphone Shipments (% of Total)20192020
5G1%15%
Rest of Market99%85%
Total100%100%

Source: Strategy Analytics

The full report, Global Handset Sales for 88 Countries & 19 Technologies, is published by the Strategy Analytics Emerging Device Technologies (EDT) service, details of which can be found here: https://tinyurl.com/wep83gc.

Continue Reading

Trending

Copyright © 2020 World Wide Worx