May 16, 2018

Phishing with Dynamite

                 If you’re familiar with KCG and what we do then you know how important cyber security and cyber hygiene is. Even the biggest corporations and government agencies are subject to cyber attacks. But what does that mean for smaller businesses? It means they must stay vigilant at work and on social media as well.


                 According to The New York Times, just last year a Pentagon Official’s computer was attacked via a link from Twitter. While businesses and government agencies around are training their staff to think twice before opening an email, hackers have already moved on to a new kind of attack: targeting social media accounts. When one person is compromised, attacks can move quickly through that person’s friend network, leading to a nightmare situation where their entire social network is attacked.

                 This technique is known as “Spear phishing,” or the act of sending a malicious file or link through a seemingly innocuous message. Pentagon officials say the scale of the spear phishing attacks is unlike anything they had ever seen before. A report in Time Magazine revealed that a Russian-led cyber attack attempted to spear phish 10,000 Twitter accounts belonging to Defense Department employees, using personal messages targeted at specific users.


                 What can you and your employees do to defend against these seemingly unstoppable attacks? First, you must build awareness about social media security. Companies should expand their phish testing to social media sites as quickly as possible. Another technique is to implement real-time external risk monitoring capabilities to identify when a targeted attack is happening. Last but certainly not least, your network professionals need to be able to remediate risk. Network security is only protected through consistent monitoring, and proactive action.


                 When it comes to securing social media, business should start by enabling multi-factor authentication. This forces anyone logging into an account to supply a code sent to an external device or use other 3rd party software. Employers should also enforce frequent password updates to avoid reuse of passwords and increased security risk. Update and review your security settings on all digital and social media networks regularly. Another method for practicing safe social media is to pay attention to your connections, make sure that you know all of the friends in your network and that those accounts have not been compromised. The more connections you have on social media the more vulnerable you are to attacks through no fault of your own. Finally, you must stay vigilant when monitoring your social media and digital channels for business and security risks because the task of staying secure is becoming more difficult as cyber-attacks are evolving with the digital landscape.

                 While the world of cyber security can be daunting, our team at Klett Consulting Group is here to help. Email us at if you have questions about cyber security, and what KCG can do to protect you business.