Fri, Aug 28, 2020
Andrew Beckett, Managing Director and EMEA leader and Alan Brill, Senior Managing Director, in the Cyber Risk practice of Kroll, a division of Duff & Phelps, highlight the rise of SMS phishing scams in an article for FTAdviser. Over 2.4 million self-employed individuals and freelancers in the UK are currently taking advantage of the Her Majesty's Revenue and Customs (HMRC) program to help them cope with the financial impact of COVID-19. However, as individuals seek relief, bad actors seek to profit from the current vulnerabilities. Utilizing SMS phishing (smishing) scams, they are luring unsuspecting professionals and individuals to an HMRC branded government gateway and stealing their sensitive data.
According to Andrew and Alan, as email firewalls and fraud detection systems get more sophisticated, bad actors are increasingly leveraging smishing scams. A recent Verizon report found that 85% of attacks on mobile devices now take place via media other than email, as professionals are less accustomed to the tell-tale signs of a scam in their text messages compared to email. Andrew and Alan go on to discuss the approach employed by bad actors given the COVID-19 crisis and the best practices for individual and professionals to protect themselves from such scams.
Read the full article here.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll's cyber risk assessments deliver actionable recommendations to improve security, using industry best practices & the best technology available.
Kroll's data privacy team provide DPO consultancy services to help you become and stay compliant with regulatory mandates.
A notification letter can generate lots of questions for those affected by a data breach. Kroll’s call center services are provided by skilled representatives who know how to handle difficult questions and stand at the ready to serve your breached population.
Services include drafting communications, full-service mailing, alternate notifications.
Proactively identify vulnerable systems and devices that may be exploited by an attacker or malicious software, often resulting in data loss or breach.