This week:

3 – Your MSP (managed service provider) could also be your MSV (most significant vulnerability)

2 – “When I realised I was scammed, I was dying inside”

1 – Social engineering in action, courtesy of Donie O’Sullivan

 


 

3 –Your MSP (managed service provider) could also be your MSV (most significant vulnerability)

3 – “Managed service providers (MSPs) are businesses that deliver, operate, or manage IT services to and for customers under contract. [..] Cyber actors are known to have an interest in targeting MSPs and using compromised MSPs to target customers”.

This is according to a recent joint advisory from the US’s NSA (National Security Agency) and CISA (Cybersecurity & Infrastructure Security Agency). They advise that “when selecting an MSP, organizations should consider security and risk management as part of their criteria”.

So what? Make sure your MSP is focused on security (both theirs and yours), and not just on scaling their bottom line. A simple rule-of-thumb is to only use an MSP that has a security certification (e.g. ISO 27001) because it indicates that someone in the MSP is thinking about security and risk. Otherwise, your MSP (Managed Service Provider) could also be your MSV (Most Significant Vulnerability).
 


 

2 – “When I realised I was scammed, I was dying inside”

“A couple have warned people to think twice about booking accommodation through social media after falling ­for a scam that nearly ruined their wedding.”

This is according to a report in the Irish Independent (and recently shared on LinkedIn by Detective Superintendent Michael Cryan). The scam involves people being fooled on social media sites like Facebook into paying for accommodation that does not exist.

So what? Wherever you go, the scammers will follow. Before you make any payment, follow the advice provided in the article: Be wary of too good to be true offers, or when there is a sense of urgency. Only use trusted sites and only use trusted payment methods.
 


 

1 – Social engineering in action, courtesy of Donie O’Sullivan

“You have stolen about $2,500 and WORST OF ALL, you have put me in a middle seat on a five hour flight. And they just let you do it?”

This 4-minute video is another classic from CNN’s Donie O’Sullivan, with social engineering expert Rachel Tobac (Recently shared on LinkedIn by Joshua Cayo). It shows how some of the best cyber attackers don’t need to be tech geniuses. They just need to know how to fool people.

So what? If you have a teenager in your life, I’m sure you’re frequently accused of TMI (Too Much Information). When it comes to the amount of information you share online, listen to your teenager.