Protecting your network both externally and internally requires more controls than a traditional perimeter security model and must rely on trust in user identity and device health.
Social Engineering
Phishing is a form of social engineering - the act of deception, or taking advantage of a user’s trust to convince them to reveal sensitive information.
Spear Phishing
Spear phishing is a type of phishing attack that targets a specific individual or set of individuals. Attackers may do research on their targets via social media networks and publicly available information online, using the data to craft a credible message to convince victims to click, download or give away additional, non-public information.
Information Targeted in Phishing Attempts
Usernames and passwords that can be used to log into personal and work accounts.
Email addresses of colleagues or family and friends that can be used to send more convincing phishing emails.
Personally identifiable information like names, physical addresses, birthdates, Social Security Numbers, etc. that can be used for identity theft.
Confidential company information like details about mergers and acquisitions, research and development, and any other information that could be used to influence stock trading or for competitive gain.
Financial data a like credit card numbers, tax information or W2s that could be used to commit tax fraud and steal money.
Phone numbers that can be used to bypass two-factor authentication, as well as used to deliver SMS-based phishing campaigns.
Medical records or health insurance information like insurance policy IDs that could be used to commit healthcare insurance fraud.
Your business is your livelihood, so it only makes sense to protect it any way you can. If you have any questions, it's best to consult with an expert on Cybersecurity in Auckland - call Tony at 021-804-602 or visit PC Onsite for more information.