Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’
Posted January 26, 2021
- Cybercriminals have been using a phishing kit featuring fake Office 365 password alerts as a lure to target the credentials of chief executives, business owners and other high-level corporate leaders.
- “CEOs and high-level executives are accustomed to being thought of as an organizations’ biggest asset, while increasingly attackers see them as the greatest vulnerability,” said Eyal Benishti, CEO at IRONSCALES. “This is a dichotomy that executives must be humble enough to recognize as true, so that they can play an active role in their company’s risk mitigation. Overall, CEOs and other executives must lead from the front and act as a personal example to make sure everyone sees security as a top priority.”
- CEOs and other top executives sometimes view email security mechanisms or policies as “an inconvenience to them” and because of that, they behave in a way that is “an exception to the rule.”
- Some senior executives also use a personal assistant to go through emails, which can impact the individual’s ability to spot suspicious messages.
- Companies can take steps to help educate their executives on targeted threats by customizing their email security awareness training according to job function.
– Bradley Barth | January 26, 2021