The Recycler
  • Nubeprint Online 425x90
  • ECs TEmp AD
  • Ninestar Masthead banner July 2021
  • Katun March Web Advert 2021
  • Biuromax Web ad May 2021

Gone phishing: Xerox publishes scam guidance

Gone phishing: Xerox publishes scam guidance

July 12, 2018

The OEM has published a blog in which it illuminates readers as to three ways to tell when they are falling victim to a phishing scam.

Xerox calls phishing “the primary method hackers use to obtain victims’ personal data,” with the added note that “email is the most vulnerable form of communication”, owing to the ease with which someone can forge a counterfeit identity, and the fact that the medium “represents an easy way into nearly any organisation.”

This is particularly the case for large businesses where the employees will not all be familiar with each other, and where an email from someone in higher management “will often be taken at face value.”

As Xerox says, “you can build the biggest, strongest, most secure walls around your data infrastructure, but it only takes one careless employee to accidentally invite the enemy through the front door.” Therefore, it has presented its three biggest red flags for suspicious emails, to prevent yourself getting phished.

The first of these is mismatched names, which the OEM calls “the biggest telltale signs of known phishing scams.” It explains that whilst the From field in an email may seem legitimate, a check of the email address itself may not correspond. Often it may be a slight difference, like a hyphenated version of the company name, or it may be something completely different. Another giveaway along similar themes is if an email from a trusted third-party doesn’t use your own name in the opening to the email.

The second red flag highlighted by Xerox is emails from unknown figures (often supposed authority figures) saying “Urgent Action Required”; the OEM points out that employee intimidation is “exactly what cybercriminals want.” It recommends that your company’s cybersecurity policy should either “provide for verification of urgent action emails – or simply require that urgent actions be communicated by more secure means.” This is especially the case for any emails which threaten punishment or damage for not taking “urgent action.” Xerox also recommends verifying any suspicious emails of this sort by phone, stating that “occasionally annoying the CEO is far preferable to accidentally allowing a high-profile data breach that costs millions of dollars and generates widespread public distrust in the company.”

Thirdly, Xerox warns readers to be wise to embedded links, as cybercriminals can forge domain names as easily as they can forge email addresses. “Most people are not familiar with DNS naming structure,” the OEM states, “and will fall for a link that looks legitimate.” The blog adds that “cybercriminals using an IDN homograph attack can even forge a domain that looks exactly like the domain they are impersonating using international character symbols,” warning that “no human eye could tell the difference.”

The blog concludes by reassuring readers that there is still time to formulate a response to the results of phishing, such as malware or ransomware, as these programmes often don’t take root in a network immediately. Xerox recommends appointing a cybersecurity expert, and having them install a comprehensive security suite to “thwart would-be attackers before the attack is fully triggered. If you have reason to believe your network might be compromised, the time for a full-scale audit is now.”

You can read the blog in full, here.

Categories : Around the Industry

Tags : Cybersecurity OEM Phishing Scam Xerox

  • Apex web ad May 2021 version 2
  • GM Technology web banner September 2021
  • GPI September 2021 Advert
  • Static Web ad July 2021
  • Ninestar Big & Bold July 2021
  • Mito September 2021 Web Advert
  • IR Italiana Web ad January 2021
  • Aster AUGUST Web banner 2021
  • Armor May banner Ink
  • PCL Web ad January 2021
  • CTS Toner Supplies Web ad April 2021
  • Ohana July 2021 web advert
  • ITP Web ad January 2021
  • CET Web ad September 2021
  • HYB Web ad February 2021
  • PW Dubai December Ad
  • Adter Recruitment Web ad April 2021
  • Adter Recruitment Web ad April 2021
  • CTS Toner Supplies Web ad April 2021
  • PCL Web ad January 2021
  • HYB Web ad February 2021
  • CET Web ad September 2021
  • ITP Web ad January 2021
  • PW Dubai December Ad
  • Ohana July 2021 web advert
  • CTS Toner Supplies Web ad April 2021
  • Ohana July 2021 web advert
  • HYB Web ad February 2021
  • PCL Web ad January 2021
  • Adter Recruitment Web ad April 2021
  • PW Dubai December Ad
  • ITP Web ad January 2021
  • CET Web ad September 2021

The Recycler, Wittas House, Two Rivers, Station Lane, Witney, OX28 4BH, United Kingdom | Tel: +44 (0) 1993 899800 | Fax : +44 (0) 1993 226899
©2006-2021 The Recycler - Terms & Conditions - Privacy Policy including cookie use

Web design Dorset | Websites by Mark