Infosec Cloud
Solutions. Services. Training.

The 'chat' from the cloud

Keep up-to-date with the latest trends, hints and tips on cloud-based security

Combat Social Engineering, Phishing and Ransomware

Date: Jul 27, 2015

Category: Blog

Pete Sherwood, CTO, Infosec Cloud

One of the greatest threats to information security is likely to come from within your company or organisation, with uninformed users responding to phishing e-mails, opening trojan attachments and visiting cloned websites infected with malware.

Company email addresses are relatively easy to find as they are public facing data. And there is an entire industry built around lead generation using information freely available to the public. With this information, cyber criminals can easily launch social engineering, spear-phishing and ransomware attacks on your organisation.

Social Engineering is when a hacker uncovers vital information about an individual and uses this to attack them. One technique is to send out emails claiming to be various websites and companies asking for recipients to click a link and enter their email address and password to ‘confirm’ their accounts.

This type of attack is very hard to defend against.

Technology can of course made some kinds of cyber attack more difficult to commit, but even the very strongest security technology can be overcome by a clever social engineer. That’s why ongoing security awareness testing and training for end users is essential.

Organisations can only fully combat social engineering, phishing and ransomware attacks by instituting regular employee security-awareness testing and training. We all need to be vigilant and look out for fake emails and websites, and know what we shouldn’t and should do.

Employees can and should be the last line of defence.

Infosec Cloud provides a managed Security Awareness Testing and Training (SATT) service in which simulated phishing emails are sent to employees. This system then helps employers to pick out which users are a threat to the security through social engineering and provide the necessary remedial training. Click here to read more >>

Comments are closed.

  • Employee GDPR Awareness Training

  •  Identity-as-a-Service (IDaaS) solution

  • Tokenless Strong Authentication (MFA)

  • Next Gen Endpoint Security

  • Enquiry LinkedIn Spiceworks