BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

What You Can Do to Prevent Cyber Attacks Targeting Employee Data

What You Can Do to Prevent Cyber Attacks Targeting Employee Data

Threat actors are targeting companies to obtain personal information about employees to use for tax fraud and filing false returns.  

Cyber Security

Your company stores all sorts of personally-identifiable data about your employees. Birth dates, social security numbers, health information, and bank account numbers are all on the shopping lists for hackers who can sell the information they steal or use it for malicious acts. One of the most sought-after documents by bad guys is tax records and tax forms.

These threat actors use that information to steal identities and file fake tax returns. Tax identity theft is the biggest type of ID theft reported to the Federal Trade Commission (FTC) each year. The FTC estimates the fraud at more than $5 billion annually.

Often, the victims aren’t aware anything has happened until they go to file their personal tax returns. They may try to file electronically, and have it rejected as a duplicate, or get a notice from the IRS saying there’s a problem. By then, the fraudsters are long gone.

How Do Hackers Steal Employee Data?

The most common way your employee data is breached is via phishing emails. Nearly a third of all data breaches and 78% of cyber-attacks started with a phishing email.

Hackers use email as a weapon to gain access to your systems. It may be as simple as sending an email asking employees to update their payroll information. Clicking on a malicious link can send that info to the wrong people. That’s exactly what happened to employees at the University of Kansas who soon found the direct deposit of their paychecks had been re-routed.

Other phishing emails may be targeted at individual employees using a variety of schemes to trick employees into giving up login credentials allowing cybercriminals to have access to company records. Other schemes may install malicious code when clicked and set up backdoors for hackers to access company computer networks. HR employees are also being targeted. A forged email may appear to come from a company executive or a third-party payroll processor asking for verification of information.

In an increasingly mobile society, hackers are gaining access to sensitive data when employees are connecting remotely to company servers without using proper security practices. When employees use public Wi-Fi, for example, they are vulnerable to man-in-the-middle attacks where threat actors intercept data as it’s being transmitted back and forth.

How To Prevent Becoming A Victim

Educating your employees about the dangers of phishing emails is a good place to start. One trillion phishing emails are being sent every year. While your company’s spam filters catch many of them, a significant number can slip through. Employees need to recognize the warning signs and everybody within your organization needs to take precautions to safeguard your data:

  • Install anti-virus and anti-malware software on all devices
  • Use strong passwords of 8 or more characters, numbers, and alphanumeric characters. Force changes regularly.
  • Encrypt all sensitive information
  • Back up sensitive information to a secure external source
  • Limit access to employee data with escalating security procedures
  • Require employees to install security software on all devices that access company data, including personal devices
  • Use Virtual Private Networks (VPNs) to encrypt data accessed remotely

It’s also important to keep all your software up-to-date. Hackers exploit what’s known as zero-day vulnerabilities in outdated software. These are known security problems that have been patched by the company. If the patches haven’t been applied by those using the software, hackers can exploit this known problem. That’s what happened to credit reporting agency Equifax, which saw hundreds of millions of records stolen when the company had failed to apply patches to known security issues.

Consider A Managed Service Provider

Even the best IT teams can be overwhelmed by managing all the various devices and entry points to their networks. They may not have the expertise needed to stay on top of constantly evolving threats and security practices.

A Managed Service Provider (MSP) can actively monitor a company’s servers, exchange servers, active directory servers, firewalls, routers, switches, and platforms remotely. This ensures software is always up-to-date and breaches are identified immediately.

An MSP will monitor your network traffic and incursion points 24/7 in a cost-effective way. In case there is a cyber-attack, an MSP can be your best weapon in identifying the threat, shutting it down, and building additional security walls to prevent future breaches.

More Like This

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control

Original release date: May 18, 2022 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory (CSA) to warn organizations that malicious cyber actors, likely advanced persistent threat (APT) actors, are exploiting CVE-2022-22954 and CVE-2022-22960 separately and in combination. These vulnerabilities affect certain versions of VMware Workspace ONE Access, VMware Identity Manager …

AA22-138B: Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control Read More »

Read More

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Original release date: May 18, 2022 Summary Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory …

AA22-138A: Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 Read More »

Read More

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access

Original release date: May 17, 2022 Summary Best Practices to Protect Your Systems: • Control access. • Harden Credentials. • Establish centralized log management. • Use antivirus solutions. • Employ detection tools. • Operate services exposed on internet-accessible hosts with secure configurations. • Keep software updated. Cyber actors routinely exploit poor security configurations (either misconfigured …

AA22-137A: Weak Security Controls and Practices Routinely Exploited for Initial Access Read More »

Read More

157-Year-Old Lincoln College Succumbed To A Ransomware Attack

157-Year-Old Lincoln College Succumbed To A Ransomware Attack On May 13th, 2022, a college that has remained open through two world wars, the 1918 Spanish flu epidemic, and the Great Depression will close its doors. The college has been struggling to stay afloat in recent years, and the coronavirus pandemic and a recent ransomware attack …

157-Year-Old Lincoln College Succumbed To A Ransomware Attack Read More »

Read More

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers

Original release date: May 11, 2022 Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security …

AA22-131A: Protecting Against Cyber Threats to Managed Service Providers and their Customers Read More »

Read More

Zero Trust Networks: What Are They?

Zero Trust Networks: What Are They? The internet has brought a world of opportunity for businesses. It is easy for companies to reach out to consumers and offer them products or services without a physical storefront. However, this also opens businesses up to the risk of data breaches and cyber attacks. Cyber attacks can be …

Zero Trust Networks: What Are They? Read More »

Read More