5 ways to protect your business against social engineering
This is one of the areas that cyber liability insurance can cover, but there are ways to help you avoid having to claim, and we have five to share:
- Sign offs – If there are any large transactions taking place, there should be more than one trusted employee to sign this off, so that there’s not just one person responsible for picking up on something suspicious. This might be a request to change bank details or to confirm information that the bank wouldn’t ask for, like a password.
- Verification – An extension of the measure above, following up an email with a phone call is a good way to root out any anomalies. It’s best not to trust the email signature, as scammers have likely thought ahead. Better to look up the company’s phone number in a trusted directory and see if the two match up before making the call.
- Conscious posting – Social media is an information harvest opportunity for hackers, who use seemingly harmless information to build up a bigger picture of their targets, such as job titles and whether or not they are in or out of the country. Think twice before you post such information.
- Test your employees – IT departments will likely warn employees of any suspicious looking emails that have reached them first, but a more proactive approach is to create these emails themselves. By sending fake phishing emails they can gauge how observant computer users are being, and remind them of what to look out for in the future.
- Check your insurance – Not all commercial insurance policies include cyber insurance but this on its own can cover a variety of computer and technology threats, including social engineering. Speak to the experts at Affinity Brokers Ltd to find out more.