PKF Francis Aickin Ltd

Latest news from
PKF Francis Aickin

Home News Articles News You have a parcel waiting for you, by Ric McCready, Scottronic Technologies

You have a parcel waiting for you, by Ric McCready, Scottronic Technologies

The text contains a link and if you click on the link two things happen. Firstly, all your contacts and any credentials the malware can find gets sent off to the scammers. Then an app is installed which starts sending more text messages off to all your contacts – and so the cycle goes on. Scams, ransomware, and malware like this have been around for some time. Most people are aware they exist, but a surprising number of people still get caught out.  

What makes this sort of scam interesting from a business security perspective is that many mobile phones are personal devices but are used for business too. These devices will have business data and business credentials stored on them however they are often not subject to the business security practices. This is a good example of how difficult it is for businesses to maintain “visibility” of all their data, devices, apps, and credentials.

Here are a few suggestions of things a business can do to maintain visibility of their IT footprint:

  • Identify all the devices that are connecting to your IT systems – think mobile phones, personal tablets, home computers, IOT devices (printers, security cameras, routers etc.) as well as company laptops and computers.
  • Have a company policy for the use of personal devices – you may want to allow the use of some apps like email and chat but not others like banking and accounts. 
  • Make sure you know all the apps being used in your business. Business apps should use business credentials so that if a person leaves the business, you are able to access the app and retain the business data in it.   
  • Monitor the logs – most IT systems have logs that show who is connecting and any failed connection attempts.  Check these logs on a regular basis or setup automated alerts if these are available.

Keeping visibility of what’s happening in your business IT systems is an important component of overall security. Without visibility it’s very easy to be caught out by those simple scams.     

 

 

See more News items