Almost every week we published news on our newsletter of the Week of Information Safety about large companies that had losses with phishing.
If large companies, which have professionals and financial resources to invest in safety, are victims of phishing , imagine SMEs that need to optimize spending, and issues such as security are almost never a priority.
According to a new survey by the German security company HSB, US small businesses report an increase in suspicious emails. And the main problem is that employees are biting the bait by falling on these phishing schemes and transferring tens of thousands of dollars from the company's back to fraudulent accounts without realizing it.
According to the survey, more than one third (37%) from companies received an email from someone who pretended to be a manager, director or supplier requesting payments.
And amazingly, almost half of the employees who received these emails (47%) responded by transferring funds from the company, causing losses in the range of $ 50,000 to $ 100,000, more than half a million reais in the current price .
This blow is quite convincing because, in many cases, cyber criminals get access to commercial email accounts and falsify the identity of company managers.
security practices before making any email order. Do not just trust the email, call the person and confirm that payment is legitimate before transferring the money." Said Timothy Zeilman, vice president of HSB.
This is Brazil!
I know the survey refers to US companies. But Brazil is the country that receives the most phishing attacks around the world . According to a survey by Axur, a Brazilian risk monitoring company on the Internet, already in the first quarter of 2020 Brazil hit a new record in the number of attacks .
We then received from customers examples of phishing emails. This messages are used in blows that try to steal access to the email account, bank access data, credit card data and others. Here are some recent examples.
Examples of phishing
The first example is an email with the subject “Note :: Email will be blocked. It exceeded the storage limit…”.
One of the main features of phishing emails is orthographic errors and out-of-context phrases.
Now pay attention to the page and address to which the user is redirected when clicking the "Login" button.
This page is a copy simulating Locaweb's webmail and hosted on ElasticBeansalk. The user, inattentive, can inform the access data and your account will be used by criminals.
Now see the example below where criminals try to simulate an email from Banco do Brasil, stating that the security of the device has expired and it is necessary to update by clicking the link.
After clicking on the link, the user is redirected to the image page below.
Amazing isn't it!? This blow certainly made many victims!
How to keep your office protected against fraud
Lumiun serves small and medium -sized companies from all over Brazil, providing in a single platform to control internet access need for technical knowledge. All office equipment is protected and the most productive employees by blocking websites outside the scope of the work.
See in this video the operation of a phishing attack, and how Lumiun takes action to protect his company:
Visit www.lumiun.com , request a demonstration or consult the plans and values to make your office safer and more productive easily and quickly.
3 Comments
Comments closed