Modern business leaders must be vigilant against modern threats. After all, digital technologies are a crucial tool in the battle for competitive advantage, yet at the same time they have the potential to create risks – whether from internal staff or outside parties – that require a solid cybersecurity focus from the organization.
A recent addition to the pile of business security threats is ‘malvertising’. In basic terms, it’s online advertising published with the intent to spread malware or harmful software components via mass channels. The danger is their ability to infiltrate and publish themselves on legitimate networks and websites, and Georges Akl, Regional Business Development Manager at Canon, says it is because they appear so innocuous that they are such a threat to business security.
“Once a user is exposed to the ad, which looks like any normal ad, they will be tempted by the content,” he says. “Once they click, this is called the ‘bait’, because once this action is completed the receiver can be infected via several hacking techniques.”
Akl believes there are three core reasons why malvertising can be a threat to mobile phone users in particular:
Phishing attacks, on the other hand, are nothing new. In fact, they have permeated the digital culture for decades. So how are they still so prevalent, and why are they a constant threat to business security? The reason, according to Akl, is their simplicity combined with a lack of ability to detect fraudulent communications from external parties.
“The most common scam is to send fake emails that have the same look and feel of a famous vendor or provider,” he says. “Often, fake emails will arrive that look like they were sent from an authentic business, in many cases it could appear to be sent from your bank, your phone or internet provider, or even a senior member of your company. The content will contain some urgent message with the intention to push the reader to click. This psychological deception is deployed through either fear or temptation, with fear often being most effective.”
Also a form of phishing attack, imposter scams fully embrace a legitimate “persona” in an attempt to convince the recipient they are a trusted business source. They may send emails with identical logos to one of your partner companies, or make a phone call impersonating a client or supplier. In terms of business imposter scams, the intended payoff is usually to obtain payment information or, in most cases, confidential information and security logins.
As a business, your staff are constantly using digital devices. While this is essential for the organization to function, the risk of exposure is huge. From web browsers to email apps to personal or business mobile phones, all these tools are being used on a daily basis and are at risk of security attacks.
In order to protect your business in a multi-channel environment, especially one in which all those channels are directly connected to your business IT infrastructure, you need to take steps to lower the risk of attack. After all, one affected device could bring the entire company to a halt due to the domino effect of spreading malware.