One Massive Hack from Just Thirty Phishing Attempts

Name that Hack…

Some background: Outside hackers sent thirty phishing emails and got one response, and as a result, the entire organization’s emails were compromised. The emails were then posted online, which created embarrassment and scandals that are still being investigated.

Here’s a hint: This organization is a fairly substantial one. You’ve heard of it. Because of its size, it probably thought, “That can’t happen to us.” Perhaps the organization thought its employees were too smart to fall for a phishing attempt.

But they were wrong. And, regardless of your political affiliation, you need to learn the lessons of this true story. Because that organization was the Democratic National Committee.

Is Your Company Vulnerable to Phishing?

Thirty phishing emails got one response. But what about your company? Do you believe your people are too smart to fall for a phishing attempt?

At a recent OpenText event, we spoke with someone who ran a test to see how many people fell for a phishing attempt. It turns out it was quite a few. So they then ran a training session to explain how to avoid falling for phishing attempts, and then repeated the test. The results? The same! Users fell for the phishing scheme as if they had never been to training.

Relying on your users to keep your system safe is a fool’s errand. Your organization needs to implement controls to help ensure that what happened at the DNC doesn’t also happen to your organization. And, bluntly, if you are responsible for the integrity and protection of your information, who is going to get blamed for the fallout from a hack? You!

Get Protected Before You’re Compromised

Guardian by Wertheim Global Solutions can help minimize the impact of hacks on the information contained in a Content Server or eDOCS system. It monitors for strange behaviors by your end users, like a sudden spike in downloads, and takes action to stop them when appropriate.

For instance, imagine an end user’s account gets hacked and at 2:00 AM on a Saturday, the phished account starts downloading emails, an action the user does not typically do. Guardian can send an email or text to the user’s manager, advising him or her of the odd behavior. Even though it’s late and the manager is asleep, Guardian can also disable the user’s account until the activity is reviewed and either approved or not.

Consider how Guardian could have helped the DNC avoid the embarrassment of the disclosure of all its emails right in the middle of the election cycle. Then consider how Guardian can help you avoid the severe consequences to you and your organization if your sensitive emails or documents were to become public or used for other nefarious purposes.

Contact us now, BEFORE your system is compromised.

Give Us a Try:
Translate »