Hackers could ask employees for access to sensitive information about their company

NEW DELHI : Last week, Patrick Hillman, the chief communication officer of crypto exchange Binance, wrote a blog post explaining how scammers had created deepfakes of him using interviews he had given to various TV channels in order to scam crypto users on social media. While Hillman’s case is a particularly advanced incident, security experts have noted that hackers impersonating top-level company executives has become commonplace nowadays.

“Phishing and scamming threats, where attackers pretend to be from our company and try to dupe our own employees, are extremely common. They are not just restricted to emails, and spill over to WhatsApp as well," said B.K. Raju, chief information security officer (CISO) at state-run Oil and Natural Gas Corporation (ONGC).

While citing one such attack on Tuesday, cybersecurity solutions firm Check Point said most of these incidents fall under a form of cyberattack called Business Email Compromise (BEC). The company blocked a similar attack where hackers impersonated a company’s chief financial officer (CFO) to swindle money from lower-level employees.

To do so, hackers first find legitimate email addresses from a company’s finance division. They then create similar looking addresses and send mails to company executives, asking them to transfer money to a customer, or for other purposes. They could also ask for access to sensitive information about the company.

According to Makarand Sawant, vice president—information technology at Sahyadri Hospitals, a private hospital chain in Maharashtra, such threats have gained greater prominence over the last 2-3 years. He added that deploying advanced threat protection (ATP) solutions, like a cloud-based email filtering service, can help protect firms, but no organization is fully immune to such threats.

“The company has also deployed XDR (extended detection and response) solutions that help detect, prevent and mitigate host-based cyber risks and threats," he added. XDR solutions use telemetry, data analysis and more to find security threats before they can hurt a company, while cloud-based email filtering tools are meant to catch spam emails before they hit employee inboxes.

That said, while solutions like this can help, J.S. Sodhi, group chief information officer and senior vice president at Delhi-based Amity Education Group, noted that “user awareness is key" to mitigating phishing, spoofing and other threats.

“We conduct rigorous security awareness and training to help reduce the chances that employees will click on phishing links or fall victim to other types of attacks," he said.

ONGC’s Raju, agreed, saying that to handle such threats, the company organizes regular initiatives to train their employees about such threats.

“At the end of the day, it is the individual more than the company that pays the price, since most of such bulk scam attempts only have financial gains in mind," said Akshat Jain, chief technology officer of Indian cyber security firm Cyware.

“The key threat that has risen with remote work is the use of both personal and work emails on the same browser window, and the overlap of work resources," said Jain.

“Proxies are being increasingly put in place to filter out such threats, but the risk of an unaware employee is still there," he added.

Download the Mint app and read premium stories

Log in to our website to save your bookmarks. It'll just take a moment.

You are just one step away from creating your watchlist!

Oops! Looks like you have exceeded the limit to bookmark the image. Remove some to bookmark this image.

Your session has expired, please login again.

You are now subscribed to our newsletters. In case you can’t find any email from our side, please check the spam folder.

This is a subscriber only feature Subscribe Now to get daily updates on WhatsApp