RSM Malta

FINANCIALS ARE ALREADY NOT LOOKING PRETTY. A PHISHING HACK COULD DESTROY THEM.

Phishing preys on ordinary human weaknesses to gain access to systems or extort money. Phishing was already very common and successful. Coronavirus shot those numbers up even further.

At RSM Malta, we’ve observed attacks for 8 Amazon gift cards of €75 each, a mere €600. It’s common. It’s effective. It’s rewarding (to the hacker). If successful, they’ll hit again and again, until the ploy is discovered.

Fake coronavirus alerts are all the rage, but phishing can use any topic to deceive users. Protecting against phishing attacks is a group effort. It requires a human firewall. The more employees educate themselves on how to spot and report phishing attempts, the safer your finances will be.

For a standard price of €490, we can run a phishing simulation experience for your company (up to 50 users). Our report will identify areas for improvement and recommend practical action points that are cost-effective for the local market, including user education.      

results_-_final.jpg

Background

  • Phishing preys on human weaknesses
  • #1 top threat in breaches in 2020
  • #2 top threat in incidents in 2020
  • Phishing emails a daily occurrence even locally
  • Several Maltese companies suffering damages
  • €600,000 stolen in a single attack on a Maltese company
  • €13 million heist at BoV started off with a simple phishing email
  • More worryingly, attacks for €600 Amazon gift cards experienced

How it happens

  • A long day
  • Work stress
  • An IT request to validate your account
  • Credentials are stolen

Phishing is a major threat:

  • It’s common. All industries are hit
  • It’s effective. 1 in 11 users is successfully tricked
  • It’s easy. A cornerstone attack method
  • It’s rewarding. Bad actors actually make a living out of this

Objective

  • How aware are your staff?
    • We create a phishing attack
  • How well are they are detecting a threat?
    • We track and study user actions

Recent Developments - The Corona Twist

  • Companies are focusing on safety, readiness and response measures
  • People are scared and tense
  • The bad guys prey on fear to manipulate people

Two grades of attacks

  • Generic, pretending to be the ECDC, Red Cross or other
  • Targeted, faking specific members of your company
  • By using a familiar name, attacks have a higher success

Save the money, avoid the Hack

Three steps to safeguard against these emerging phishing scams:

1. Get in front of the issue by communicating the risks

Proactively tell your staff how you will distribute critical alerts and information.

2. Evaluate your remote work security controls

The rush to implement remote working solutions has left many companies at risk. Indeed, we identified missing controls in all of the companies we worked with.

 

Talk to us for an evaluation. 

Know your staff

3. Test and educate your users

Protecting against phishing attacks is a group effort. The more employees educate themselves on how to spot and report phishing attempts, the safer everyone will be.

 

For a standard price of €490, we will run a phishing simulation experience for your company (up to 50 users). Our report will identify areas for improvement and recommend practical action points