Avantess-IAM Security Awareness Tip of the Week

Welcome to our Security Tip of the Week page.

Every week we post a new tip that focuses on a specific topic in the field of security awareness. The tips include knowledge and focus on the practicality  and immediately are feasible for everyone. In addition, each tip is connected to a corresponding newsitem so you can get more information on the subject.

You are welcome to use these tips in your organization or to share these with family and friends.

Do you have any suggestions or ideas for new tips, please contact us via our contact page.


What is a Business E-mail Compromise (BEC)?

Pretending to be the CEO

Aside from mass-distributed general phishing campaigns, criminals target key individuals in finance and accounting departments via business-email compromise (BEC) scams and CEO email fraud. By impersonating financial officers and CEOs, these criminals attempt to trick victims into initiating money transfers into unauthorized accounts.

How can you defend your company from BEC?

Businesses are advised to educate employees on how BEC scams and other similar attacks work.

Read more about the backgrounds and countermeasures in the Blog.


Avoid lunch or coffee break hacking. Our tips!

How likely is it that I get hacked. You always think that couldn´t happen to me. For a moment you do not pay attention and suddenly there is malware on your laptop. Someone has infected your computer within a few seconds, and simply monitors your actions on your laptop, if you are on Facebook, ordering in a web shop or using your internet banking application for example.

Crime will always exist everywhere, also in the digital world. It is important that you have some knowledge of this, because the digital risks are much greater than you might think. Indeed, it is online now so simple and so widespread that you should ensure in any case at least for some digital basic protection. Just like you turn the door locked when you leave the house.

Hacking is too easy nowadays, show reports by cybercrime taskforces and the police. Cybercriminals don´t need the technical understanding to apply the ability to hack, they can just buy the software or services on the Darknet. This ensures that everyone can hack users, that are not aware of the consequences and careless in handling of their digital protection. This means your data can be stolen without you noticing.

Avoid lunch or coffee break hacking.   See Our Blog for the 7 tips.


10 Steps to prevent being victim of an email phishing attack.

Definition of Phishing:

Phishing is the generic name for the fishing for personal information in order to commit fraud. This usually occurs through unsolicited emails (spam) or by telephone, in which criminals masquerading as a trustworthy entity or bank are asking for (login) codes, or to send in your debit card. With this information fraud can be committed  with internet banking, debit- or creditcards or a person’s identity.

For cybercriminals, it is one of the most popular ways to steal personal information, namely by using e-mail phishing attacks.

Cybercriminals often use this method to trick employees of large organizations into clicking on malicious links, so they can access corporate networks that contain valuable data.

Here are 10 tips on how to prevent you, to become a victim of email phishing, see the blog.

An ongoing security awareness program can also be a good help.


Develop a Cyber-Defence-Strategy

Developing a Cyber Defense Strategy within an organization is as important as the military strategy for a nation. Both hardware and software-based solutions are essential for the development of a cyber-defense strategy. Elements of a successful defense system are those where threats can be easily detected and cyber-attack attempts can be blocked. Constant monitoring of your network, and warnings of cyber-security team, in the event of a burglary or deviation from a normal pattern, are extremely essential. A good defense strategy should be established where possible and controlled by a cyber security professional. This investment is well worth it, as major cyber attacks can be prevented as (ref. Ali Raza).

For security awareness is essential that your whole team has a basic understanding of your cyber security strategy, how it is structured, and how they individually can make a personal contribution by reporting suspicious behavior. Support in setting up a cyber defense strategy can be shaped by the creation of a Security Operations Center, see the blog.

Pay attention continuesly to it, and it is a must to follow which direction developments are taking in the field of security management.

An ongoing security awareness program can also be a good help.