Hackers mimic CXOs to swindle money off lower-level staff

NEW DELHI : Last week, Patrick Hillman, the chief communication officer of crypto exchange Binance, wrote a blog post explaining how scammers had created deepfakes of him using interviews he had given to various TV channels in order to scam crypto users on social media. While Hillman’s case is a particularly advanced incident, security experts have noted that hackers impersonating top-level company executives has become commonplace nowadays.

“Phishing and scamming threats, where attackers pretend to be from our company and try to dupe our own employees, are extremely common. They are not just restricted to emails, and spill over to WhatsApp as well,” said B.K. Raju, chief information security officer (CISO) at state-run Oil and Natural Gas Corporation (ONGC).

While citing one such attack on Tuesday, cybersecurity solutions firm Check Point said most of these incidents fall under a form of cyberattack called Business Email Compromise (BEC). The company blocked a similar attack where hackers impersonated a company’s chief financial officer (CFO) to swindle money from lower-level employees.

To do so, hackers first find legitimate email addresses from a company’s finance division. They then create similar looking addresses and send mails to company executives, asking them to transfer money to a customer, or for other purposes. They could also ask for access to sensitive information about the company.

According to Makarand Sawant, vice president—information technology at Sahyadri Hospitals, a private hospital chain in Maharashtra, such threats have gained greater prominence over the last 2-3 years. He added that deploying advanced threat protection (ATP) solutions, like a cloud-based email filtering service, can help protect firms, but no organization is fully immune to such threats.

“The company has also deployed XDR (extended detection and response) solutions that help detect, prevent and mitigate host-based cyber risks and threats,” he added. XDR solutions use telemetry, data analysis and more to find security threats before they can hurt a company, while cloud-based email filtering tools are meant to catch spam emails before they hit employee inboxes.

That said, while solutions like this can help, J.S. Sodhi, group chief information officer and senior vice president at Delhi-based Amity Education Group, noted that “user awareness is key” to mitigating phishing, spoofing and other threats.

“We conduct rigorous security awareness and training to help reduce the chances that employees will click on phishing links or fall victim to other types of attacks,” he said.

ONGC’s Raju, agreed, saying that to handle such threats, the company organizes regular initiatives to train their employees about such threats.

“At the end of the day, it is the individual more than the company that pays the price, since most of such bulk scam attempts only have financial gains in mind,” said Akshat Jain, chief technology officer of Indian cyber security firm Cyware.

“The key threat that has risen with remote work is the use of both personal and work emails on the same browser window, and the overlap of work resources,” said Jain.

“Proxies are being increasingly put in place to filter out such threats, but the risk of an unaware employee is still there,” he added.

Catch all the Technology News and Updates on Live Mint.
Download The Mint News App to get Daily Market Updates & Live Business News.

More
Less

Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.

Post your comment

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.