“Larry Nelson” is probably not who he says he is. Larry’s polished LinkedIn picture, and the vague profile that goes with it, were the first clues that led Jay Mellon to believe he was being targeted by a hacker trying to connect with people at local information technology companies. So instead of accepting this person’s invitation to connect on LinkedIn, Mellon did some investigating.
Using the image search function on Google, he discovered that the face in the picture belonged to Broadway actor Norm Lewis. And the only LinkedIn recommendation for “Larry Nelson” comes from “Lewis Elder.” Who’s he? A local “computer consultant” who bears a striking — striking! — resemblance to a Scottish sports broadcaster named Dougie Donnelly.
Hackers are getting smarter, according to Mellon and other IT experts.
Sure, some of them still send out mass-produced emails from Nigerian princes who want to stash millions of dollars in your bank account (assuming you pay a fee upfront, of course).
Today, however, many of them are much better at “phishing” for victims. They send emails that look like the ones you get from your bank or your college. And some of them use an even more sophisticated tactic called “spear phishing,” which is where a hacker targets people who work for specific industries or companies in an attempt to gather sensitive information, often by infecting their computers with viruses or other forms of malware.
So businesses and their employees have to get smarter, too, because technology can’t always prevent their mistakes.
So you run a small business that doesn’t possess lots of sensitive data? Malware still can cripple your computers.
Even companies that use antivirus software, firewalls and other technology often get infected because of human error.
“The weakest link is the individual,”
Companies should regularly remind employees to be suspicious of emails asking for private information, even if the messages look like they’re from their own company. Businesses should let employees know that reputable institutions don’t send out emails asking for passwords and account balances.
The best technology can’t always make up for human error. Training is important.
Excerpt from Crains Cleveland Magazine