Alright, passwords are changed regularly and all the updates are being installed unfailingly. Our devices are safe and secure, and the data is going nowhere. That’s the general presumption of ours, isn’t it? And that is a huge mistake. In this large interconnected cyber space, unknown online threats are plenty. Tricksters are always at the gate. Nobody knows when unsuspected tricksters will knock the door, enter our systems and screw up things before we can react.
Indeed, online frauds are on the rise. Consumers in India alone witnessed 69% increase in online frauds last year, according to the statistics provided by Microsoft’s research- 2021 Tech Support Scam Research Report.
The same report says that online tricksters create fake tech support to dupe people. People can be fooled to interact with fake IT support scam teams, eventually losing a big sum of money. In worst circumstances, devices and data are damaged.
The modus operandi is simple. Everything is being orchestrated by the tricksters. They reach out to unsuspecting people pretending as representatives of a company. They highlight ‘problems’ in devices and software that do not exist. Subsequently, they offer to troubleshoot concocted technical glitches for a sum of money.
If somebody falls under trap then the repercussion could be more serious if the fake IT scam team is granted remote access. That presents an opportunity for tricksters to install malicious programs to execute frauds or steal personal information.
More than Password Management: IT Governance
Now any individual can fall for this scam, and the consequences could be financially damaging. But if any gullible employee of an organization is conned, the impact can be catastrophic.
Indeed, all it takes is one password breach and/or elevation to endpoint privileges for executing attacks. Ransomware attack, snooping on confidential information, unauthorized privileged access among many incidents happens when employees accidentally or intentionally grant system access to unauthorized people.
And the level of threat has multiplied as employees all over the world access systems from anywhere. In many instances they use their own PCs, laptops and save files on drives available on-cloud.
However, it is equally important to educate the workforce. IT governance and mandates including comprehensive IT policies must be implemented if an organization has to ensure data security. It is imperative to conduct training sessions for employees. Organizations must impart to them what sort of malpractices exist in the world of organized cybercrime.
Yet, if people and IT processes are kept in the silos, which is without centralized governance, then IT scams are inevitable.
Today everyone is very conscious to the fact that our social media footprint plays an important role in all walks of life. It’s about time we also become careful about to whom we interact with online.