Employees Also Received Fraudulent Give Your Opin
Instructions :
- Discussion contributions reflect thorough preparation.
- Ideas offered are usually substantive and provide good insight and sometimes direction for the class.
- Class comments and demeanor support an open and encouraging class environment.
- Arguments are usually well supported and often persuasive.
- Comments usually help others improve their thinking.
Read Response-1 below and give your opinion on response given by one of your classmate. your answer should be supported with research unless the question is opinion oriented.. Responses to discussions below should not be “I agree” or “I like the way you stated that.” These responses should again be insightful, offering an opinion or facts based on your research and experiences. The response to one classmate should be a minimum of 200 words. See APA criteria for citing resources.
Question-1 : our boss mentions that recently a number of employees have received calls from individuals who didn’t identify themselves and asked a lot of questions about the company and its computer infrastructure. At first, he thought this was just a computer vendor who was trying to sell your company some new product, but no vendor has approached the company. He also says several strange e-mails requesting personal information have been sent to employees, and quite a few people have been seen searching your company’s trash dumpsters for recyclable containers. Your boss asks what you think about all of these strange incidents. Respond and be sure to provide recommendations on what should be done about the various incidents.
Response-1 ( Below is response given by some individual for above question, Read Response-1 below and give your opinion on response . your answer should be supported with research unless the question is opinion oriented.. Responses to discussions below should NOT be “I agree” or “I like the way you stated that.” These responses should again be insightful, offering an opinion or facts based on your research and experiences. The response to one classmate should be a minimum of 200 words. See APA criteria for citing resources. You must provide a minimum of a reference, in APA format, in your original response.)
Information is one of the most important assets of the organizations. In today’s world, Information Security is becoming a challenge to any organization to protect their information and conducts their business this is because of lack of understanding the importance of information security
By considering the above scenario, it is identified that the personnel obtained many calls from unknown people and tried to gather the organization’s data which falls under vishing attack, this is due to lack of information security knowledge in terms of keeping their information, the organization is easy to be attack by hackers.
The employees also received fraudulent emails requesting for the personal information which comes under phishing attack. The main intention of the attacker is to install a malware or disclose sensitive information. Since they rely on human curiosity and impulses, phishing attacks can be difficult to stop.
Dumpster Diving is another type of attack, in which an unwanted person going through the company’s trash to look for some confidential information like access codes, passwords, telephone numbers, account login credentials, employee information etc., This kind of attack is becoming less relevant in today’s digital world, but there might be some occasions where it happens.
As an employee when we come across this situation, it is better to ensure the company has necessary firewalls and anti- protection measures are taken when these kinds of situations occur. According to above situation, when you asked to give recommendations to overcome such incidents following are the steps to be taken:
1. To ensure careless internet browsing is avoided and take necessary measures, like block browsing sites which are compromising the company’s information.
2. Educate employees regarding security awareness, instruct them not to click on unnecessary links and emails received and explain them the consequences faced.
3. Cross-cut shredders should always be used, and it may be helpful to have several throughout the facility for easy access.
4. The company should also ensure proper security measures are taken such as current firewalls and anti – protection software is installed into the company’s network
5. As an Organization, one needs to set up separate IT security department so that these kinds of situations are taken care of.
References:
Are You Being Vigilant Against a Dumpster Diving Attack? – Social-Engineer.Com – Professional Social Engineering Training and Services. (2018, September 09). Retrieved from https://www.social-engineer.com/vigilant-dumpster-diving-attack/
Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research, 6(23), 31-38. doi:10.19101/ijacr.2016.623006