Elections, IPO, Fund raising and Phishing

Elections, IPO, Fund raising and Phishing

Why read this post?

If you are a technology company, a political party heading into elections, a company that is already public or going public and finally a company that is raising money – you cannot afford to miss this post even on the evening of 31st December 2018. We are 6 hours away from the New Years eve in New Delhi, India.

Summary

In 2018 one of the most dramatic moments of disbelief for me was when somebody Emailed me from my Email ID (I knew how to do it and hence did not fall for it). But then he went to the next level, he called my Mother’s phone from my Number, while I was on call with him. I saw my Mother’s phone flashing my name.

So, anybody can be anybody. Point proven. Point taken very seriously.

Detailed read

In 2018, some MailChimp accounts were compromised and malicious Emails were sent. These were fake invoice notifications. These Emails had a .zip file which upon download and extraction installed the Gootkit infostealer. Boom you were compromised.

At the high time of GDPR introduction, some researchers discovered suspecting Emails that appeared to have come from Airbnb. The messages presumed that one was an Airbnb host and that they could not take in any more guests. These Emails had a link which asked for certain key financial and personal details of people to be compliant with GDPR.

Chances are high if that was You or I, we would open this Email and look at the attachment in sheer frustration/ emotion outburst/ horror.

Millions of people compromised, Billions of dollars in lost value

There were other cases where Microsoft detected Phishing attacks during 3 2018 Election campaigns in the US. The elections are under attack around the world.

Large corporations are not spared either. Google has invested heavily in mitigating phishing attempts by giving all its employees a physical security key to login to their computers. This is a step ahead of the 2FA.

How must you get ready?

  1. Get your people trained by experts
  2. Hire an organisation that is already serving several customers and has its AI consistently working to keep you and your customers safe
  3. Like the CRM became fundamental to business growth, let a strong Cyber Security Software Company manage the risk for your business

Any recommendations?

I always make recommendations basis upon the people that I know. Ultimately its the people that will always stand up to be with you. I hence recommend HumanFirewall. Check them out. I know the founding team. They are deeply invested and know their game.