Reports of data breaches in North Carolina have more than tripled from 2015-2016. And remember, it’s only March!
- The Attorney General’s Consumer Protection Division says 26 phishing breaches have been reported so far this year.
- 16 of those data breaches in North Carolina came in the past two weeks.
- There were only eight phishing breaches reported in all of 2015 in NC.
Under North Carolina law, businesses must notify the Attorney General’s Office, along with those affected, when records containing personal information are lost, stolen or accessed improperly. That personal information can be Social Security numbers or credit card or bank numbers.
According to the AG, the ever resilient hackers are putting new twists on their phishing attempts. They are now using technology to spoof an email address, making it look as if it came from a boss, or higher up in the company. Criminals are also adding what may seem to be unlikely targets to their attacks. Just as Ransomware criminals are targeting small and midsized organizations, phishing attackers are going after churches and non-profits.
An employee at a church in North Carolina received an email that appeared to be from the pastor asking her to transfer thousands of dollars from one bank to another. A TNT customer received similar emails. However, management had already educated employees about the scam, and therefore they didn't fall victim like the church did. we've also heard of employees at a business in Union County that received an email apparently from the boss with an invoice attached. Thankfully, in that case, the employee did not click on the attachment.
Another twist in these breaches is that the hackers are targeting employee payroll information along with all the traditional pieces of information stolen.
This uptick in phishing attacks is the precise reason companies need to ensure they have the most secure network possible.
- You also need to educate employees about these attacks, and the new tactics.
- Encourage end users the message is real by calling the alleged sender.
- Ensure that you don’t have holes in your network that will allow criminals to slip in.
Contact The Network Team to find out how you can be more proactive vs. reactive to the treats to your network security.