Practically Speaking – Beware of Phishing
Interesting article over networkworld.com about the dangers of phishing scams. As you’ll read in the article, phishing scams have become very sophisticated and if anyone at your company who has access to confidential information falls prey, you’re trade secrets may be at risk. Phishing scams can surreptitiously install a keystroke logger and other programs that allow remote control of the PC. And they’re no longer limited to lower level employees. In fact, the practice of targeting corporate executives and other important employees even has a name–“Whaling.”
According to Lorrie Faith Cranor, director of the Carnegie Mellon University CyLab Usable Privacy and Security Laboratory, phishing plays on human vulnerabilities and is not strictly a technological problem. “Although we have shown that we can teach people to protect themselves from phishers, even those educated users must remain vigilant and may require periodic retraining to keep up with phishers’ evolving tactics.”
The article has a clever approach to raising awareness within your employees of the sophisticated phishing scams. A web-based program called PhishMe will send fake phishing emails to your employees. For anyone who falls for the fake emails and clicks the link, PhishMe will send instant feedback and training on how to spot genuine phishing emails. Great idea.
File this in the “ounce of prevention is worth a pound of cure” file. In other words, even if you follow the advice of this blog to fully protect yourself against trade secret misappropriation, the cheaper and better approach to any trade secret litigation is to avoid it in the first place. Taking this article to heart and ensuring that your key personnel are aware of the tactics and dangers of phishing scams may ultimately save you lots of headache and money, not to mention your competitive edge.
No comments yet.