Work Traveling - You’re a Prime Hacker Target

Uploaded on 2016-10-31 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

As if the stresses and headaches of business travel weren’t enough, there’s one more thing to worry about while traveling in unfamiliar places: the security of your email. 

Thanks to the rapid ascent of spy-mail, email that secretly reveals a recipient’s location and behavior when it is opened, criminals can invade an out-of-office executive’s inbox to steal confidential information.

According to an FBI public service announcement issued in June, there has been a 1,300% increase in losses tied to “business email compromise” since January 2015. Although any company is at risk, these attacks are most likely to target firms that regularly send money overseas or those that have access to sensitive information, such as medical companies, attorneys, and accountants. To date, instances have been reported in all 50 US states and in 100 countries, amounting to a financial impact of $3 billion.

For the most part, these successful attacks are not the result of Cyber criminals blanketing companies with malware-laden links or attachments and hoping for a click (as was often the case in the past). Instead, infiltrating a corporate network and siphoning off sensitive data is about meticulously gathering information over an extended period, and then using that information to launch a precision strike targeted at one or two employees. One way this information is being gathered is via spy-mail, a regular email with a hidden tracking code.

Here’s how it works. Each time a traveling executive opens spy-mail, they reveal a wealth of private information, their current location, the time of day they read their email, the hotel at which they are staying. Scammers can use this information to craft believable phishing emails or phone calls, targeting the executive or their unsuspecting colleagues back at the home office. 

Because spy-mail looks like any other email, the receiver is unable to determine which emails are tracked with the invisible extension, making cybersecurity on the road much more difficult to manage.

Say, for instance, an executive opens a spy-mail while meeting with a supplier in a politically, economically, or socially unstable country. Knowing that the business leader is in a volatile part of the world, malicious third parties can formulate an attack by harnessing the fear and uncertainty that accompanies such travel. 

The attack may include, for example, spoofed emails from the executive abroad, saying that they are in a dangerous situation (e.g., there has been a terror attack, they have been kidnapped, etc.) and need money. In an extreme case, information gathered through spy-mail can be used to plan an actual kidnapping. According to one report, there are 40,000 kidnap-and-ransom cases each year, many of which involve executives on business travel.

Malicious actors also use the fact that an executive is out of the office to dupe their person’s coworkers into sending corporate files or other sensitive data. Earlier this year, companies including Advanced Auto Parts and Snapchat fell victim to fraudsters posing as company leaders, who pilfered employee W-2s and used them to file fraudulent tax returns. Information captured by spy-mail can help hackers can send believable emails, with the correct sender, recipient, context, and time-stamp, to an executive’s HR department or payroll vendor, asking for confidential records at a time when they know the executive won’t be around to detect it.

How can companies avoid an email-borne crisis? No corporate cybersecurity strategy is complete without a plan for safeguarding the organisation’s data when business leaders are away. And simply banning executives from checking email when traveling, even if it isn’t a work-related trip, is not a realistic solution. As the email threat landscape evolves, organisations must adapt their defenses accordingly. 

Here’s how:

Train for awareness. Employees can’t guard against Cyberattacks if they are ignorant of the threats that surround them. Offering periodic, engaging training that defines spy-mail and phishing from an end-user perspective, and that illustrates the ramifications of each, is a necessary step toward making employees more vigilant. According to PWC and KPMG, only 53% of companies have employee security-awareness and training programs, and only 50% of CEOs feel prepared for a cyberattack.

Establish executive travel email protocol. No IT manager will successfully unchain the C-suite from their inboxes, even when on vacation. Organizations should, however, implement policy controls to identify and mitigate the risk of spy-mail and phishing attempts while executives are on the road. For example, finance departments should outline a protocol that executives must follow in the event that they need to request money while traveling. When a request comes through that doesn’t adhere to the set protocol, the scam is less likely to succeed.

Add an extra layer of inbox security. When traveling, business leaders need to be focused on the task at hand, not on safety and Cybersecurity issues. Adding spy-mail protections to conventional spam filters and firewalls can help safeguard company data and give traveling executives peace of mind.

As companies are learning the hard way, email scams are a growing problem, resembling bank heists in the amount and sophistication of the intelligence gathering that goes into them. 

Knowing when and where executives are traveling and emailing is a necessary piece of information for many of these attacks. By training employees, putting appropriate travel policies in place, and adopting the latest security software, companies can reduce the risk of falling victim to one of these attacks.

HBR
 

 

« DDoS: Deceptive Denial Attacks
2016 Trends in Cyber Crime »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CDW

CDW

CDW is a leading multi-brand provider of information technology solutions to business, government, education and healthcare customers in the United States, the United Kingdom and Canada.

SecurePay

SecurePay

SecurePay is Australia's premier payment gateway, with a range of secure online payment solutions for online retailers, SMEs and enterprise businesses.

idappcom

idappcom

idappcom provides unique industry approved software solutions for auditing and enhancing the threat recognition and response capabilities of your corporate security defences.

Raz-Lee Security

Raz-Lee Security

Raz-Lee Security is the leading security solution provider for IBM Power i, otherwise known as iSeries or AS/400 servers.

Comarch

Comarch

Comarch is a provider of IT business solutions to optimize operational and business processes. Cyber security solutions are focused on Identity Management and Security Assessment services.

AVeS Cyber Security

AVeS Cyber Security

AVeS combines expert knowledge and services with leading technology products to provide comprehensive Information Security and Advanced IT Infrastructure solutions.

Langner

Langner

Langner is a software and consulting firm specialized in cyber security for critical infrastructure and large-scale manufacturing.

Brighter AI

Brighter AI

Brighter AI empowers companies to use publicly-recorded camera data for analytics & AI while being compliant with increasing data privacy regulations worldwide.

Forum of Incident Response & Security Teams (FIRST)

Forum of Incident Response & Security Teams (FIRST)

FIRST is the global Forum of Incident Response and Security Teams.

Silicon Cloud International

Silicon Cloud International

Silicon Cloud is a high performance and secure cloud computing platform for engineering and scientific applications.

Chartered Institute of Information Security (CIISec)

Chartered Institute of Information Security (CIISec)

CIISec is dedicated to helping individuals and organisations develop capability and competency in cyber security.

Lucidum

Lucidum

The Lucidum platform helps you assess risk and mitigate vulnerabilities by finding and correlating data from your security tech stack.

ThreatNG Security

ThreatNG Security

ThreatNG is redefining external attack surface management (EASM) and digital risk protection with a platform of unmatched breadth, depth, and capabilities in thwarting technical and business threats.

Commission Nationale de l'Informatique et des Libertés (CNIL)

Commission Nationale de l'Informatique et des Libertés (CNIL)

The mission of CNIL is to protect personal data, support innovation, and preserve individual liberties.

Blue Cloud Softech Solutions

Blue Cloud Softech Solutions

Blue Cloud Softech propels inspiring digital transformations. We provide AI products, cybersecurity, healthcare technology, and cloud solutions.

ZEST Security

ZEST Security

The ZEST platform natively integrates into your technology stack to make efficient risk remediation possible.