Currently our participation and test scores, within Cyber Security Awareness Training, has been at an all-time high. Suspicious emails are being reported and deleted as they are being received. However, cyber criminals are continuing to elevate their level of deception by utilizing much more convincing methods. Our company logo, email signatures, position titles, and other methods of identifications are now being utilized to trick employees into clicking or providing company credentials. These fake emails are being received at a much higher rate.
As a rapidly growing company, Lone Star Communications has seen a rise in new employee attacks along with much more personalized conversations within an attack. Let us remain vigilant at examining any emails that are requesting any company or personal information. Keep encouraging Cyber Safety conversations with one another and with new employees as they are onboarding. You are a key part of our security defenses so make sure to include new and existing employees in our daily conversations of phishing risks. We will continue to
train employees to recognize and report attacks and to understand the impact they can have on the organization. Cyber Security awareness training is not a once-a-year box tick. We will continuously utilize Defendify for education and simulated attack exercises, as well as general awareness through video posters. Here are a few things to watch for and stay Cyber Safe!
1. Always confirm the actual sender's email address. The name may be correct, however, the email address itself will not be a lonestarcom.com address.
2. Make the call. Our customers, business vendors and partners are not immune to cyber-attacks. If you have a suspicion, reach out by calling the sender if you have the sender's contact information.
3. Be aware of emails that appear to come from mobile phones. These will more than likely have “Sent from mobile” in the signature.
4. Our Executive Team does not EVER request for employees to purchase gift cards.
5. Confirm employee benefits, payroll, or personal information emails with human resources with a phone call.
6. Do not hesitate to have your email authenticated by reporting to your local Lone Star Communications IT professional or email@example.com
Verify who you are connecting with: We advise you to be selective with friend requests and think twice before you accept the request. If you do not know the person, it is better not to accept their request as it could be a fake account. Simply put, when you accept a request, the information and photos on your account that were restricted from public view become viewable by your new friend. We believe that it is not a good idea if you let a total stranger see the information or images on your social media account.
May Cyber Security Defender
Joe Jackson, VP of Sales and Marketing
Joe caught and reported a detailed, targeted phishing email concerning his employee benefits that contained the company’s logo and signature. The email was an attempt to get his credentials.
-Brian Banks, Internal Information Security Officer