At NAPLIA, we strive to be proactive in addressing the changing risks affecting CPA firms
When it comes to protecting your client’s data, social engineering is continually evolving as an important topic in risk management. Social engineering is a whole category of threats, encompassing the many ways “bad guys” try to trick employees into disclosing information.
Firms like yours are especially rich targets for social engineering due to the amount of sensitive financial and personal information with which they are entrusted. Technology-based controls and prevention measures are being overwhelmed by new social engineering techniques and the sheer number of attacks.
The best preventative measure against social engineering attacks is education. At NAPLIA, our goal is “provide more than a policy” with education and services that protect your practice.
PHISH TESTING –
NAPLIA offers a free phishing test for our clients which sends a harmless test email to each of your employees. A report is then emailed to your firm’s insurance contact which summarizes how many people opened the email and how many people clicked the “malicious” link within it. When an employee opens a link, they will receive a list of tips on how to avoid opening a phishing email in the future.
Some of the emails we have sent include:
- A forged FedEx Shipping Notification (your company address to be shown in delivery address field):
- A forged LinkedIn Invitation
- A Dropbox notification about “tax return source information”
How many employees at your firm will open the next Phishing Email? Most studies say that 35% of all phishing emails are opened at least once.
Questions?
Rob Ferrini | Program Manager | NAPLIA
Direct: 508.656. 1327 |Toll Free: 866.262.7542, ext. 1327 www.naplia.com
