The Ninja Sensei’s Logbook: When imitation is not flattery
Employees, being the weakest link in cybersecurity, have been the constant target of bad actors just because they have the level of access that could penetrate the organisation’s cybersecurity.
This could be in the form of hacking for passwords, phishing, and, the most common, email impersonation scams.
Email impersonation scams have become a prevalent problem for an organisation’s cybersecurity, with employees being continuously baited to click a suspicious link or attachment from their email, which appears to be from their boss, colleague, or manager.
With this, organisations must come up with solutions and safeguards to ensure that their employees will not be part of the statistics of those victimised. In Singapore, failure to protect personal data could result in the following:
- A hefty financial penalty from the PDPC, which ranges from S$5000 to S$1 million.
- Botched reputation
- Loss of client’s trust from customers, both current and potential ones
Of course, there is a way to prevent this
Since email is still the main way businesses communicate with each other, it is important to protect against impersonation attacks and reduce the security risks of email. Organisations that want to make sure they have full protection should focus on training their employees to be aware and on machine-intelligent security solutions that stop impersonation emails from getting to employees’ inboxes.
Furthermore, your appointed DPO can help. Whether in-house or outsourced, DPOs complement the efforts of organisations in making sure that the organisation’s email environment is safe from any threat actor who wants to infiltrate its servers and system in general.
It also ensures that policies are set in place, and employees are well aware of the danger that email impersonation brings.
P.S. Got questions or do you need help with your cybersecurity and data protection compliance journey? Don’t hesitate to reach out to us. We are always a text/call or email away!
📱 WhatsApp: +65 8750 4250
📧 email: ninjas@privacy.com.sg
