Don't Get Fired For An iPad
Who here has worked for a company that experienced a major data breach caused by hackers? I would imagine more than a few of you have seen the fallout from such an event. Interestingly, the underlying conditions that make a firm vulnerable tend to be rather simple: neglect and/or stupidity. Those of you at JPM may remember last summer when over 80 million records leaked out of the network, seemingly caused by the security team's failure to upgrade a server.
However, it's important to remember that JPM's network is absolutely massive. While it's unacceptable that their network team failed to upgrade in a timely manner, it's easy to attributable to a simple mistake. What is utterly insane, is the number of very smart people falling for phishing schemes.
In 2012, researchers at Columbia University sent 2,000 phishing e-mails of various kinds to students, faculty, and staff at the school. The e-mail that lured the most recipients was a bogus promotion for an Apple iPad. In the first round, 176 users not only opened the iPad e-mails, but also clicked the links within them. According to the study, each of those Ivy Leaguers was then warned “that their behavior made them particularly vulnerable to phishing attacks.”Several weeks later, the researchers sent another batch of phishing e-mails to those who had been duped. Despite having been warned, 10 of them opened the second e-mails and clicked the links again. Those 10 were then sent another warning and, after another few weeks, another phishing e-mail. Incredibly, three of them opened the third fake e-mail, and got another warning. By the fourth round, no one opened the e-mails.
If somebody told me that a phishing scheme promising an iPad could achieve an almost 9% conversion rate on young, presumably tech-savvy Ivy leaguers, I would immediately assume they were off by a factor of 100. As it turns out, it's not only easy to trick them, but they don't seem to learn their lesson, either.
I know this is an awfully IT-ish topic for a finance site, but remember, if you are the reason your firm gets hacked, you will get fired. Additionally, given the media attention these data breaches have been getting, if you get explicitly tossed under the bus, you'll also get yourself effectively blacklisted. Very few people can bring in enough profit to offset the cost of one major breach.
Those three were really desperate for an ipad eh?
Rule:
If you see a strange email, either:
A.) don't click on any links. Send it straight to the "junk" folder.
B.) look up the sender's email address, and what company it's associated with. If it's not legit or its gmail, junk it. If the links don't go to the same domain or the domain of another reputable company, junk it.
And it didn't take an Ivy League education for me to figure that out!
Quos alias pariatur qui non praesentium. Sint reprehenderit tempora et explicabo omnis voluptas eius possimus. Repellat ipsa deleniti vitae consequatur eius soluta molestiae quam. Impedit voluptatem et facere soluta consequatur.
See All Comments - 100% Free
WSO depends on everyone being able to pitch in when they know something. Unlock with your email and get bonus: 6 financial modeling lessons free ($199 value)
or Unlock with your social account...