Cybercriminals are becoming increasingly sophisticated in their attempts to steal personal information (PI). Threat intelligence researchers are warning of a malicious search advertising phishing campaign that leverages Google Ads to carry out payroll redirect scams.
Here’s how it works: Cybercriminals buy search ads with optimized keywords to have their phishing pages rank at the top of Google Search results. These pages are aimed to lure victims into providing access to their company’s employee portal. Once the employee’s account is accessed, the attackers use additional credential information—such as social security numbers obtained from illicit online forums—to change their banking information to redirect funds to a fraudulent bank account.
Employers must play a vital role in protecting their workplace from these threats. By equipping employees with the right knowledge and tools, you can foster a strong culture of security awareness. Here are 5 things you can do to safeguard your employees and your organization:
Train Your Workforce
Hold regular training sessions to educate employees on identifying phishing emails, fraudulent calls, and other types of scams. Incorporate real-world examples of common scam tactics, such as impersonating a trusted vendor or colleague to request sensitive information. Stress the importance of verifying any unexpected or unusual requests before sharing any data.
Strengthen Internal Security Policies
Establish robust policies for handling sensitive information. Limit access to PI based on role necessity and enforce strong password policies. Require employees to use multi-factor authentication for accessing company systems, adding an extra layer of security.
Deploy Technology Safeguards
Invest in tools like email filters, firewalls, and antivirus software to detect and block potential scams. Regularly update software and systems to patch vulnerabilities that scammers might exploit.
Conduct Simulated Scams
Test your employees’ awareness by running simulated phishing campaigns. Use the results to identify areas where additional training is needed. Periodically review and audit your security practices to ensure they are up to date with emerging threats.
Create a Reporting Culture
Encourage employees to report suspicious emails, calls, or activities immediately. Set up a clear and anonymous reporting process, and ensure employees feel safe sharing concerns without fear of retaliation.
By taking a proactive approach and implementing these measures, employers can significantly reduce the risk of employees falling victim to scammers. Protecting PI isn’t just good practice—it’s a responsibility that ensures trust and security for your workforce.
At Counter Point, security is our priority. We provide thorough training to our staff, equipping them with the knowledge and tools to prevent potential breaches. Using advanced monitoring systems, we detect and manage fraud risks by identifying emerging trends, stopping known threats, and addressing security gaps to protect our customers and minimize financial impacts.
As fraud tactics grow more sophisticated, we stay ahead with cutting-edge monitoring to safeguard both our business and, most importantly, our customers.
