facebook linkedin twitter

Computerware Blog

A Recent Data Theft Shows Us What to Watch Out For

A Recent Data Theft Shows Us What to Watch Out For

Trend Micro, the developer of the popular antivirus program, has attracted some unwanted attention after a former employee managed to steal customer data and sell it to scammers. These scammers then use this data to call Trend Micro customers. If you use Trend Micro’s antivirus solutions, you’re going to want to pay close attention to any calls you get.

What Happened?

We aren’t shy about informing our clients about the potential dangers of allowing access to more than an employee needs to do their job. This is a practical example of why we say that.

The (now former) Trend Micro employee was able to access more data than they needed to have. Trend Micro provided a pretty succinct explanation of the situation, saying that the employee was able to “gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved…”

The perpetrator's name has not yet been made public, but whoever they were, they were able to bypass Trend Micro’s internal protections.

Consider what it would take for a phone scam to really be convincing: really, if you were called by someone from “Trend Micro” who knew who you were and that you were a user of their product, you wouldn’t have much reason to doubt them, would you? The data that was up for grabs at Trend Micro contained much more information than that, making it potentially even more valuable to a cybercriminal or scam artist.

You Need to Watch Out for Unsolicited Tech Support Calls

As you might imagine, this scam has been around for about as long as there have been personal computers and is in no way exclusive to Trend Micro customers. Tech support scams have been used to target users for years, often profiling users by their age to find victims more likely to fall for the ruse. Combining this profiling with scare tactics and put-on urgency, the scammer is able to shock their target into handing over their credit card information or allowing the scammer to access their PC remotely.

It isn’t uncommon for these scammers to identify themselves as a member of some “Microsoft Windows support team” or another support company. If the targeted business is big enough, a scammer may just claim to be from the IT department.

This is why you have to be sure that all of your employees know how to have their technology support questions addressed through the right channels.

You Also Need to Keep Your Employees from Accessing More than They Need

Take a critical look at the permissions you afford your employees as far as your network is concerned. How accessible are the folders you store your sensitive information in, like a client’s personal data or financial information?

Best practices dictate that an employee only be given access to what they need to do their job, while common sense dictates that you can’t make an employee’s job too difficult for them, either. Striking a balance between the two can be tricky but working with your IT provider to establish permissions makes it far easier.

If you want to avoid potentially running into a similar situation as Trend Micro did, enforcing security policies is a step you need to take. Doing so should include access control to certain files and areas of your network, requiring MFA/2FA (multifactor/two-factor authentication), and quite a bit of planning to put it all together. However, if it keeps your data safe from threats (inside and out), it’ll be worth the damage control you get to avoid.

If you could use some assistance in securing your network and educating your employees about how scams can be identified, give Computerware a call. Our professionals are here to help - call (703) 821-8200 today.

How to Shop Securely This Holiday Season
Start Using Two-Factor Authentication Everywhere, ...


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Tuesday, August 04, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Cloud Software Data Business Management Hackers Hardware Microsoft Workplace Tips Network Security Backup Productivity Hosted Solutions Managed Service Provider Business Productivity Email Malware IT Services Saving Money Efficiency Google Small Business Computer User Tips Collaboration Innovation IT Support VoIP IT Support Smartphones Data Backup Quick Tips Network Business Continuity Mobile Devices communications Disaster Recovery Microsoft Office Data Recovery Gadgets Cybersecurity Social Media Android Upgrade Mobile Office Server Communication Smartphone Virtualization Phishing Mobile Device Management Miscellaneous Holiday Vendor Management Ransomware Passwords Apps Windows 10 Managed IT Services Windows Tech Term Mobile Device Users Outsourced IT Operating System Unified Threat Management Facebook Internet of Things Remote Monitoring BDR Automation Remote Computing Apple Data Management Analytics Managed IT services Mobile Computing BYOD Windows 10 WiFi The Internet of Things Marketing Cloud Computing Artificial Intelligence History Training Save Money Firewall Business Technology Browser App Spam Help Desk Alert Big data Encryption Information Technology Office 365 Budget Bandwidth Managed Service Two-factor Authentication Office Health IT Consultant Cybercrime Access Control Content Filtering Windows 7 Hard Drives Going Green Maintenance Printer VPN Bring Your Own Device Managed IT Gmail Antivirus Government Employer-Employee Relationship Information Retail Windows 8 Outlook Cost Management Hiring/Firing Best Practice Healthcare Lithium-ion Battery Computers Saving Time Tech Support Virus Wireless Technology Search Recovery Covid-19 iPhone Networking Money Document Management Data Security Hacking It Management IBM Blockchain Computing Data Loss Humor Augmented Reality Travel Education Customer Service Project Management Update Remote Work Phone System Avoiding Downtime File Sharing Hard Drive Save Time Downtime Legal Vendor Value Password Mobility Regulations Hacker Computer Repair Running Cable Patch Management Proactive IT SaaS Customer Relationship Management Applications Wi-Fi PowerPoint Intranet Data Breach Law Enforcement Voice over Internet Protocol Twitter Conferencing Administration Solid State Drive Compliance Wireless Data storage Storage Website Risk Management Flexibility Current Events Software as a Service Laptop Business Intelligence Word Business Growth Cooperation Management Digital Payment Google Maps Router Cortana Vulnerabilities Fax Server Social Engineering Comparison Tablet Company Culture Paperless Office Excel Sports Disaster Meetings Social Networking Private Cloud Scam Hosted Solution End of Support User Robot Virtual Desktop Securty Telephony Social Machine Learning Telephone Systems Digital Websites DDoS Black Market Monitoring Cryptocurrency Net Neutrality Memory Managed IT Service Co-managed IT Identity Theft Chrome Inbound Marketing Google Docs User Error Multi-factor Authentication Uninterrupted Power Supply Experience Notifications Vulnerability Cleaning Telephone Monitors eWaste Pain Points Bitcoin Processor Virtual Reality Computer Accessories Office Tips Politics Automobile Data Protection Lifestyle Emails Chromebook Trending YouTube Unified Communications Settings Computing Infrastructure Hack Mouse Downloads Solutions Processors Smart Devices USB How To Professional Services Video Conferencing Programming Presentation Download Statistics Network Congestion Gaming Console Redundancy Distribution Integration IT service Specifications Safety Text Messaging Microchip Taxes Webcam Evernote Streaming Media Virtual Assistant Managed Services Provider Distributed Denial of Service Cost Documents Bluetooth Teamwork Heating/Cooling Entertainment Public Cloud Licensing Start Menu Tech Terms How To Managed Services Mobile Technology Employee/Employer Relationship Microsoft Excel Visible Light Communication Wasting Time Best Available Keyboard Accountants Sync A.I. Device Management Computer Care Logistics Virtual Machines Memes email scam Addiction Bookmark Managing IT Services Webinar Content Management Adminstration Pirating Information Cyber security Domains CCTV Business Managemenet Leadership Google Drive Windows Server 2008 IT consulting Surveillance Migration Reliable Computing Connected Devices Google Play Telephone Service Public Speaking Telework Business Metrics Wireless Headphones Computer Malfunction Spyware Mobile Payment Employer/Employee Relationships Advertising Flash Managing Costs Shortcut Remote Workers Equifax In Internet of Things Fleet Tracking online Currency Electricity Printing CIO Microsoft 365 IT Network Management Browsers Entrepreneur Virtual Private Network Device security MSP Staffing Google Wallet Medical IT Trend Micro Troubleshooting Windows XP Development Desktop Scalability Finance Society Security Cameras Threats HIPAA FinTech Nanotechnology Motion Sickness Social Network LinkedIn cache Television Displays User Tip Proactive Maintenance Environment Upselling Navigation Virtual Machine Competition Data Storage Startup Asset Tracking WannaCry Micrsooft Electronic Payment Best Practives Business Cards Messenger Service Level Agreement Tracking Data Analysis Employees Procurement Username Archive Video Surveillance Corporate Profile Drones eCommerce Business Owner Unified Threat Management Rental Service Backup and Disaster Recovery Skype Time Management Freedom of Information Gamification Cabling GDPR Managing Risk IP Address Organization Microserver Screen Reader Web Server Customer Resource management Saving ZTime Assessment SharePoint Printers SQL Server Books Upload Workers Point of Contact Tip of the week Permissions Language Tech Hypervisor Application PCI DSS Smart Tech Administrator Google Calendar Human Resources Communitications Piracy Touchscreen News Fileless Malware Hybrid Cloud Supply Chain Management HTML Debate VoIP Holidays Get More Done Fiber-Optic Database Supercomputer Harddrive Azure Internet Service Provider Printer Server Mobile Security Worker GPS Knowledge Music Modem Strategy Turn Key Telephone System Consultation switches Writing Proxy Server Software License Reading Trends Samsung Analytic Term Digital Signature Regulations Compliance Multi-Factor Security Recycling External Harddrive Technology Tips Upgrades Electronic Medical Records Transportation IT Assessment Trojan Fake News LiFi Directions Display Remote Working Organize Devices G Suite Audit Recording Optimization Fraud Tactics Employer Employee Relationship Product Reviews Dark Web Free Resource UTM Content Read 3D Ebay SSID Hacks Physical Security Thin CLient Data Warehousing IT Plan Relocation Enterprise Resource Planning Tablets Emergency Hard Drive Disposal Work/Life Balance Processing Financial Data Banking Legislation Botnet Error Smart Phones Access Deep Learning Health IT PDF Electronic Health Records Productuvuty Personal Information 3D Printing Financial CrashOverride Managing Stress Regulation Capital