Bank holiday hackers - they won't be taking time off
Ah, the humble bank holiday. Is there anything that feels more fun and decadent than hearing the Antiques Roadshow theme tune on a Sunday night and not having to think about getting up for work in the morning? Some people have jobs this doesn’t apply to, firefighters, paramedics, shop assistants, cybercriminals. That’s right, hackers will take any opportunity to scam people, and holidays are a great time to catch people unaware.
If you don’t have good mobile device management
This is a big one. With owning a smartphone now the norm for most employees, so many people want to add their work emails and software for convenience. Some employers have specific BYOD or “Bring Your Own Device” policies for this very reason. However, they aren’t always up to scratch when it comes to security.
Lost or stolen devices
By our very nature, humans are more relaxed and less on the ball when it’s a holiday. Especially if it’s sunny, lots of people wouldn’t think twice about having a snooze on a picnic blanket, maybe with their phone a few millimetres from their outstretched hand. A prime opportunity for thieves, who will be looking out for this kind of opportunity. According to data from The Crime Survey for England and Wales (CSEW) an estimated 325,000 people experienced mobile thefts across England and Wales in 2020.
This isn’t unique to bank holidays, thieves often target holidaymakers in other countries for the same reason.
If you have no input into how they use their phone for work, it isn’t passcode protected, they’re logged in to their emails and work software – you’ve lost control of your company data at this point. The thief could sit in a cafe and happily read through your employee’s emails, and access all of their apps and there’s absolutely nothing you can do about it.
However, there is a way to combat this. Not only should you have a robust policy that lays out device use and security expectations, but there are technical ways that you can manage company data on devices. This means that should a device get lost or stolen, as long as your employee lets you know immediately, you can revoke access to company systems and data from their device immediately, preventing access from unwanted eyes.
If you’d like to know more about mobile device management, please get in touch. Just give us a call on 01373 768024 or email your query to firstname.lastname@example.org
If they’re already on your system
If you or an employee have unwittingly given cybercriminals access to email accounts, whether by downloading a dodgy PDF masking as an invoice or being tricked into parting with their login details, then you could have someone lurking on your system already. We’re not writing this to scare you, we’ve seen it! It’s important to be aware.
We’ve written before about how they can then lurk, setting up email rules to stop emails from certain suppliers from even reaching your inbox and spending weeks or even months learning how you talk, what your position is within the company, and how they can use this information to extract money from either you, your clients, or your suppliers by pretending to be you.
If you don’t have proactive IT security monitoring your system, you won’t have a clue. They can then use days like bank holidays when they can have a good snoop undetected, to carry out intense research that could help them change the payment details on an invoice and redirect a large amount of money to themselves in the process.
As part of our proactive monitoring process, we can spot changes being made like unusual admin accounts being created, or peculiar email rules being set up. We can then investigate them and take swift action accordingly, so you can enjoy your bank holiday happy in the knowledge that you’re safe.
Would you like to know more about this? Book a call for a free no-obligation chat.