Scamdalous
It's a tale told so often that it's become a cliche. You get an email that says a prince needs a wire transfer from your bank account in order to reward you with his riches; Or maybe it's from a "M4ster H@cker" who has been "recording your webcam." Everyone thinks that they'll catch a phishing scam when it happens, but it may not be that easy. Scams have gotten better and more elaborate, and you may not notice them so easily anymore. This makes data security all the more difficult, and means that you need to educate yourself often.
Today, phishing scams are much more complex than the days of foreign princes. Now, emails can look incredibly legitimate, and can very easily leave you scrambling to recover from a data breach. Perhaps the email comes from someone you know-- a family member or even your boss. The company is having a barbecue on Friday, and needs a gift card for a prize, but they need you to front it. Don't worry, you'll be paid back. Except you won't, because it didn't come from your CEO. It came from a .net email, and not a .com email like your company uses. But now it's too late. Scammers will even hit victims where they feel safest: hitting an unsubscribe button. What looks like harmless spam that you don't remember signing up for can suddenly become an open doorway for ransomeware.
Unfortunately there's only so much you can do in these situations, which is why it's better to prevent lapses in data security before they happen rather than face the music after they happen. How do you prevent this from happening? Well...
1. Set an organizational policy on what kinds of emails to expect
There's a much lower risk of employees accidentally complying with a fake coworker if they know that those kinds of emails will never be sent. Make clear, for example, that you aren't ever going to send gift card requests. You'd think this would be self-evident, but hey, I'm writing an article now, so it must not be.
2. Constantly educate your employees
I can't predict the future of malware, and you can't either, but every time an attack happens, we can learn from it and discover how to prevent falling for it again. It can be brief, but it's certainly worth your while, because your business can suffer greatly in the wake of a hack.
3. Establish a culture of communication
The best way to deal with these problems is to communicate. Your business needs to foster an environment where employees feel comfortable going to IT whenever a problem arises, or when suspicious activity occurs. If you shut down the avenues of communication or make employees feel like they have to cover their tracks, they may cause even further problems that simple communication would have prevented.
Conclusion
Data security is a tricky business, and scams get more convincing every day. By combating ignorance with constant education and by making employees feel informed, your business can avoid the pitfalls of a hack. That, or perhaps we're all ignoring a very generous prince who just wants us to be rich.
