Monday, 8 January 2018

How secure are you?

You are only as secure as you are careful.

Stay vigilant, watchful and attentive! Use your common sense and instincts.

If anything seems weird, stop, refuse to continue your work, and raise your hand!




Watch out! Don't get hooked by an e-mail scam. Watch how easy it is to lose your password, data, and ... security.





Don’t get hooked by an e-mail scam


Phishing email messages, websites, and phone calls are designed to steal money, data or information.

Whenever a suspicious e-mail or phone call comes in, follow these 4 steps to make sure it is not phishing:

SPOOFING: carefully check the sender’s address. On a mobile device, click on the display name to show the address.

URGENCY: be wary if there is a call to action. Always check where the link really leads before clicking on it.

VERIFY: if you are not sure whether the sender is “safe”, contact the person by forwarding the e-mail or by using another phone number. Do not simply reply to the e-mail.

ROBUST PROCESSES: first and foremost, ensure that you follow your processes. If the sender asks you for any deviation, it must go through all the valid steps and approvals. Never agree to do anything without being sure.




Trust your instinct. If it doesn’t feel right, question it.



';--have you been pwned?


Carefully check the sender’s address – on mobile devices click on the display name to show the address.

Always hover over links to display the real URL. Text that looks like a URL is only the link's label, so it can be deceiving.

The content of the email will try to entice you to click on the link. It will call to action. You will feel a sense of urgency.


Do not forget to follow the security steps! Check your e-mail here: https://haveibeenpwned.com/



Invoice fraud – check twice, or pay the price


Invoice fraud occurs when a fraudster tricks an organisation into changing the bank account payee details for a payment.

Fraudsters pretend to be a regular supplier of the organisation.

As funds are often transferred quickly, this makes the recovery of the money difficult.

Look out for requests to:

  • Change payee account details for a regular payment already set up with a supplier, particularly if the request is for an immediate payment.

Take time to consider:

  • Whether a request to alter bank details or transfer money was expected, or whether it was received out of the blue from an existing supplier.
  • Whether there is a PO for the supply, and whether anyone can confirm that the goods / services were actually ordered and delivered.

Always verify requests to change bank details or set up new payment instructions by contacting the supplier directly. Use established contact details on file before implementing changes.

Making fake statements is as easy as 1-2-3. You can even find many instructions on YouTube!


Inside job


Money and information are very often stolen by people within the organisation. There are many reasons why this happens. In many instances the cause is greed, but it is not the only one.

To be safer, always keep your eyes and ears open for behaviours or activities of concern, and for suspicious behaviour patterns that might indicate a potential insider risk:

  • Hostile attitudes and extremist views towards the company
  • Becoming withdrawn or appearing vulnerable
  • Not eager to use vacations
  • Unauthorised handling of sensitive material
  • Being miserable, too nervous, etc.

