facebook linkedin twitter

Computerware Blog

A Recent Data Theft Shows Us What to Watch Out For

A Recent Data Theft Shows Us What to Watch Out For

Trend Micro, the developer of the popular antivirus program, has attracted some unwanted attention after a former employee managed to steal customer data and sell it to scammers. These scammers then use this data to call Trend Micro customers. If you use Trend Micro’s antivirus solutions, you’re going to want to pay close attention to any calls you get.

What Happened?

We aren’t shy about informing our clients about the potential dangers of allowing access to more than an employee needs to do their job. This is a practical example of why we say that.

The (now former) Trend Micro employee was able to access more data than they needed to have. Trend Micro provided a pretty succinct explanation of the situation, saying that the employee was able to “gain access to a customer support database that contained names, email addresses, Trend Micro support ticket numbers, and in some instances telephone numbers. There are no indications that any other information such as financial or credit payment information was involved…”

The perpetrator's name has not yet been made public, but whoever they were, they were able to bypass Trend Micro’s internal protections.

Consider what it would take for a phone scam to really be convincing: really, if you were called by someone from “Trend Micro” who knew who you were and that you were a user of their product, you wouldn’t have much reason to doubt them, would you? The data that was up for grabs at Trend Micro contained much more information than that, making it potentially even more valuable to a cybercriminal or scam artist.

You Need to Watch Out for Unsolicited Tech Support Calls

As you might imagine, this scam has been around for about as long as there have been personal computers and is in no way exclusive to Trend Micro customers. Tech support scams have been used to target users for years, often profiling users by their age to find victims more likely to fall for the ruse. Combining this profiling with scare tactics and put-on urgency, the scammer is able to shock their target into handing over their credit card information or allowing the scammer to access their PC remotely.

It isn’t uncommon for these scammers to identify themselves as a member of some “Microsoft Windows support team” or another support company. If the targeted business is big enough, a scammer may just claim to be from the IT department.

This is why you have to be sure that all of your employees know how to have their technology support questions addressed through the right channels.

You Also Need to Keep Your Employees from Accessing More than They Need

Take a critical look at the permissions you afford your employees as far as your network is concerned. How accessible are the folders you store your sensitive information in, like a client’s personal data or financial information?

Best practices dictate that an employee only be given access to what they need to do their job, while common sense dictates that you can’t make an employee’s job too difficult for them, either. Striking a balance between the two can be tricky but working with your IT provider to establish permissions makes it far easier.

If you want to avoid potentially running into a similar situation as Trend Micro did, enforcing security policies is a step you need to take. Doing so should include access control to certain files and areas of your network, requiring MFA/2FA (multifactor/two-factor authentication), and quite a bit of planning to put it all together. However, if it keeps your data safe from threats (inside and out), it’ll be worth the damage control you get to avoid.

If you could use some assistance in securing your network and educating your employees about how scams can be identified, give Computerware a call. Our professionals are here to help - call (703) 821-8200 today.

How to Shop Securely This Holiday Season
Start Using Two-Factor Authentication Everywhere, ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, January 27, 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Business Computing Internet Cloud Software Business Management Data Hackers Microsoft Hardware Workplace Tips Network Security Backup Managed Service Provider Business Productivity Hosted Solutions Email Malware IT Services Saving Money Efficiency Productivity Computer Google User Tips IT Support Small Business Smartphones Innovation Mobile Devices Data Backup Quick Tips VoIP IT Support Network Gadgets Collaboration Microsoft Office communications Business Continuity Data Recovery Upgrade Android Social Media Server Disaster Recovery Mobile Office Cybersecurity Virtualization Communication Smartphone Mobile Device Management Miscellaneous Phishing Holiday Ransomware Tech Term Operating System Windows 10 Windows Passwords Apps Outsourced IT Facebook Managed IT Services Unified Threat Management Remote Monitoring Vendor Management Automation Internet of Things BDR Mobile Device BYOD Remote Computing Users Managed IT services Apple Mobile Computing Analytics WiFi Data Management History Marketing Artificial Intelligence Windows 10 The Internet of Things Firewall Browser Save Money Alert Cloud Computing App Big data Help Desk Two-factor Authentication Bandwidth Business Technology Encryption Spam IT Consultant Office 365 Training Antivirus Gmail Managed IT Government Office Maintenance Cybercrime Printer Content Filtering Information Technology Going Green Health Hard Drives Bring Your Own Device Wireless Technology Computers Outlook Saving Time Windows 8 Search VPN Windows 7 Managed Service Employer-Employee Relationship Virus Tech Support Retail Best Practice Lithium-ion Battery Cost Management Information Hiring/Firing Budget Access Control Customer Service It Management Travel Blockchain Education Humor Data Loss Recovery Update iPhone Hacking Project Management Networking IBM Money Phone System Document Management Healthcare Administration File Sharing Hard Drive Law Enforcement Applications Intranet Twitter Patch Management Solid State Drive Compliance Mobility Website Conferencing Data storage Avoiding Downtime Risk Management Data Breach Password Value Legal Save Time Downtime Hacker Customer Relationship Management Regulations Current Events Augmented Reality PowerPoint Running Cable Proactive IT SaaS Computing Hosted Solution Virtual Desktop End of Support Social Networking Social Robot Fax Server Wireless Data Security Securty Google Maps DDoS Storage Social Engineering Scam Black Market Flexibility Voice over Internet Protocol Cryptocurrency Word Monitoring Laptop Private Cloud Cortana Business Growth Business Intelligence Excel Digital Digital Payment Websites Router Management Telephony Machine Learning Paperless Office Vulnerabilities Telephone Systems Comparison Tablet Company Culture Sports Cooperation Computer Repair Vendor Disaster User Specifications Safety Text Messaging Vulnerability Webcam Processor Bitcoin Programming Identity Theft Statistics IT service Network Congestion Lifestyle Documents Data Protection Distribution Entertainment Teamwork Heating/Cooling Professional Services Virtual Reality Downloads Politics Bluetooth Streaming Media Automobile Inbound Marketing Emails Chromebook Redundancy Computing Infrastructure Hack Memory How To eWaste Google Docs Net Neutrality Meetings Pain Points Experience Chrome Download Managed Services Provider Evernote Virtual Assistant Cleaning Wi-Fi Monitors Office Tips Multi-factor Authentication Telephone Processors Start Menu Tech Terms Computer Accessories Microchip Taxes Distributed Denial of Service USB Managed IT Service Mobile Technology YouTube Software as a Service Unified Communications Settings User Error Trending Co-managed IT Presentation Gaming Console Public Cloud Licensing Uninterrupted Power Supply Mouse Relocation Tablets GPS Microsoft 365 Archive Business Cards Service Level Agreement Banking Botnet Managing Costs Spyware Mobile Payment Skype Startup Asset Tracking Medical IT Trend Micro Permissions Language Unified Threat Management Backup and Disaster Recovery Sync Communitications External Harddrive Browsers Electricity Printing Username Point of Contact Screen Reader Customer Resource management User Tip Proactive Maintenance Gamification Notifications CCTV Digital Signature Security Cameras Threats Reliable Computing 3D Solutions Ebay Music Piracy Upload Business Metrics Computer Malfunction Navigation Thin CLient Virtual Machine cache Television switches Writing Smart Tech eCommerce Fiber-Optic Database In Internet of Things Best Practives IT Assessment Smart Phones Data Analysis Employees WannaCry Upgrades HTML LiFi Analytic Telephone System PDF SQL Server Corporate Profile Recycling Mobile Security GDPR Managing Risk Time Management Freedom of Information Multi-Factor Security Cost Scalability Microserver Adminstration Integration Pirating Information Software License Trends Motion Sickness Best Available Keyboard Tech Leadership Hypervisor Assessment SharePoint Product Reviews Domains Holidays Tip of the week Work/Life Balance Read Fraud Tactics Fileless Malware Hybrid Cloud Google Calendar Deep Learning Devices Messenger Tracking News Visible Light Communication Get More Done Memes Proxy Server Azure VoIP UTM Content Rental Service Public Speaking Modem Strategy Touchscreen Legislation Error Cabling Turn Key Electronic Medical Records Transportation Knowledge Device Management IT Plan Enterprise Resource Planning Web Server Printer Server Shortcut Term Consultation IT consulting Troubleshooting Recording Optimization Content Management email scam Addiction Administrator Trojan Entrepreneur Directions Display Technology Tips Business Managemenet Accountants A.I. Books Workers Fake News Advertising Flash Environment IT Dark Web Free Resource Audit CIO Supercomputer Organize HIPAA Upselling SSID How To Wireless Headphones Worker Electronic Payment Health IT Employee/Employer Relationship Video Surveillance Staffing Google Wallet online Currency Migration Connected Devices Competition Processing Managed Services Data Warehousing Windows XP Samsung Business Owner Logistics Virtual Machines Emergency Hard Drive Disposal Society Network Management Saving ZTime Wasting Time Access Displays Equifax Fleet Tracking Reading Cyber security Microsoft Excel G Suite Smart Devices Bookmark Computer Care Micrsooft LinkedIn Device security MSP Employer Employee Relationship IP Address Nanotechnology Social Network Human Resources Employer/Employee Relationships Debate Drones Desktop Finance Hacks Physical Security Webinar Application Harddrive Google Play Telephone Service Google Drive Windows Server 2008 Financial Printers Managing Stress CrashOverride Regulation 3D Printing Capital Personal Information Productuvuty

toner1