Tales From the Frontline: A Thwarted Phishing Attempt

Earlier this month, the entire world became aware of the Wanna Cry Ransomware Virus attack. While an attack of this scale is certainly headline news, there are similar occurrences happening every day on a very local and personal level. Just such as call was recently received from Austin Hill, Support Engineer, at RightSize Solutions.

“One of our client employees had called because they had received an email from their kid’s school district asking to open link to a google doc. Not thinking anything of this, the client had tried to open the link, but fortunately, it had been detected and blocked in the RightSize Solutions environment. Austin immediately further researched the situation to discover a Nationwide ‘Google Docs’ Email Phishing Scam and provided the client with the proper guidance.”

While we were able to resolve this situation without incident, there are several lessons that can be learned here:

• Keep personal and business email communication separate and apart. Simply put, by introducing these unrelated-to-business emails, you’re putting your firm at a much greater degree to potential cybersecurity risks.

• Set clear procedures for personal email and social media usage. Not only do they distract employees, but can be direct portal to cyberincidents. Policies should restrict what employees are limited to do and not do. Be sure to include any company social media accounts in your archive process for auditing purposes.

• Build a culture of cybersecurity, by encouraging employees to alert management to mistakes early in the process. This gives management the opportunity to prevent huge losses of time, data, and money. You may even want to consider conducting mock cybersecurity drills.

Download our recent white paper ‘10 Actionable Tips to Help Improve Managing Your Firm’s Security Policy’, to learn more and keep an eye out for more stories in ‘Lessons from the Front Line’.