A Guide to Vendor Impersonation Fraud

Protecting Yourself in the Digital World

In today’s interconnected digital landscape, where online transactions and collaborations are the norm, it’s important to be aware of the various threats lurking in the shadows. Vendor Fraud is one of the latest financial scams and can occur from one or multiple sources in a very sophisticated manner. If not detected, it can cost businesses severely.

 

What is Vendor Impersonation Fraud?

Vendor Impersonation Fraud is a form of Business Email Compromise fraud that occurs when a malicious actor or employee scams a company into making payments to fraudulent accounts. This can happen in multiple ways, such as providing fake vendor or account information, hijacking a vendor or employee’s email account, or pretending to be a reliable vendor with the intention of carrying out fraudulent activities, such as invoice scams or other forms of financial fraud.

Third-party impersonations made up 52% of all Business Email Compromise (BEC) attacks in May 2022, but keep in mind unaffiliated malicious actors aren’t the only ones committing fraud; they can be employees as well. In fact, more than 55% of frauds were committed by individuals in one of six departments:

  • Accounting
  • Operations
  • Sales
  • Executive/Upper Management
  • Customer Service
  • Purchasing

vendor impersonation fraud common targeted departments

Types of Vendor Impersonation Fraud

There are many types of vendor impersonation fraud, but these are the most common:

  • Cyber Fraud cases involving unauthorized individuals who have no affiliation with the company or the vendor are among the most challenging to identify. These malicious actors manipulate the account of a trusted vendor, redirecting payments to their own accounts electronically. Every quarter, 2/3 of all organizations are targeted by email attacks that use a compromised or impersonated third-party account.
  • Check Manipulation involves an individual forging or modifying information on a vendor’s check to route payments to a personal bank account. 
  • Ghost Vendor occurs when a fictitious vendor is created in the company’s records. Payments are then made to this non-existent vendor, and an employee or an external fraudster usually siphons off the funds.
  • Duplicate Payments occur when an employee uses a legitimate vendor’s account, manipulates the payment records, and initiates multiple payments for a single vendor invoice in order to direct the second payment to their personal account. 

 

Who’s at Risk of Vendor Impersonation Fraud?

While anyone can potentially fall victim to vendor impersonation fraud, certain individuals and organizations are more susceptible to these scams, such as those that handle finances. These are the primary targets for vendors seeking to exploit payment processes.

  • Small businesses or organizations with limited resources and cybersecurity measures in place are often targeted due to their perceived vulnerability.
  • Organizations with a high volume of vendor interactions or those engaged in frequent international transactions may be more exposed to vendor impersonation fraud attempts. 
  • Employees in accounts payable departments
  • Individuals responsible for making financial transactions 

 

How to Identify Vendor Impersonation Fraud?

In 2020, the average fraud scheme lasted a median of 18 months before being detected, which is why it’s critical to know what to look for.

  1. Discrepancies in Vendor Information: Review vendor details such as contact information, addresses, or tax identification numbers. Be wary of inconsistencies or if the information provided cannot be verified.
  2. Unusual Payment Requests: Beware payment requests that deviate from standard procedures, including sudden changes in bank account details, requests for expedited payments, or requests for payment to unfamiliar or unrelated third-party accounts.
  3. Inconsistencies in Invoices or Documentation: Scrutinize invoices for irregularities, such as misspellings, incorrect formatting, or missing information. Fake or altered invoices are common signs of fraudulent activity.
  4. Suspicious Communication Patterns: Pay attention to any sudden changes in how your vendor communicates with you, like using different email addresses, unusual phone calls, or requests to communicate outside of normal channels.
  5. Unexpected Price Increases: Be cautious if there are significant and unexplained price increases from a vendor. Fraudsters may attempt to overcharge for products or services, hoping to slip unnoticed.
  6. Poor Quality or Undelivered Goods/Services: If you receive substandard goods or services or if your orders consistently go unfulfilled, it could be a red flag for vendor fraud.
  7. Unusual Vendor Behavior: Be alert to vendor behavior that deviates from their usual practices, including evasive answers, sudden unresponsiveness, or reluctance to provide documentation or clarification.
  8. Stay Informed: Keep up-to-date with fraud trends and news within your industry. Awareness of new tactics and scams can help you be more proactive in identifying vendor fraud. Be sure to educate your employees on vendor impersonation fraud and encourage them to report suspicious activity. They may notice irregular vendor interactions or uncover information that could help identify fraud.  

No single indicator guarantees the presence of vendor fraud. However, being vigilant and combining multiple factors for assessment can significantly improve your ability to identify potential fraudulent activities and protect your organization from falling victim to vendor fraud. 

 

Measures to Detect and Prevent Vendor Impersonation Fraud

Vendor Tips:

  • Due Diligence: During the onboarding process, focus on verifying vendor details such as mailing addresses, contact numbers, vendor tax identification numbers, contact persons, and bank accounts. Also, check the vendor’s financial stability.
  • Conduct Reputation and Reference Checks: Research the vendor’s reputation within the industry. Seek references from other clients or business partners who have worked with the vendor before. This allows you to gather insights into their reliability, integrity, and history of delivering quality services.
  • Evaluate Internal Controls: Assess the vendor’s internal controls and anti-fraud measures. Review their policies and procedures related to fraud prevention, cybersecurity, and data protection. Strong internal controls demonstrate the vendor’s commitment to mitigating the risk of fraud.

Employee Tips:

  • Split Responsibilities & Regular Rotation: Separating the tasks of inputting purchase information and approving transactions can help limit employee misconduct. You can also rotate duties of employees in vendor management and purchasing or rope in managers to monitor important tasks.
  • Run Thorough Background Checks: Conduct thorough background checks on all employees involved in vendor management or financial transactions. Verify their credentials, employment history, and conduct reference checks to ensure they have a trustworthy track record.
  • Anti-Fraud Training & Anonymous Tip Line: Provide comprehensive training to employees on fraud prevention, including specific information about vendor impersonation fraud. Additionally, encouraging your employees to report suspicious activity of their colleagues can strengthen internal controls.

 


 

 

Click here to download a FREE Vendor Impersonation Fraud E-Book!

 

 

 

 


 

 

System Tips:

  • Invest in Vendor Management Software: Consider streamlining and automating the process of managing vendors and their relationships. A centralized platform can efficiently handle vendor onboarding, contract management, performance tracking, compliance monitoring, and more. 
  • Educate Your Team: Educating your team about vendor fraud risks and consequences can enhance their awareness & vigilance. Conducting regular risk assessments helps identify loopholes & vulnerabilities that should be closed to mitigate vendor fraud effectively.
  • Monitor and Audit: Actively monitor vendor-related transactions and activities for any signs of suspicious behavior. Regular audits can help assess the effectiveness of existing control measures and identify any vulnerabilities that malicious actors may exploit.

 

How to Respond to Vendor Fraud

  1. Notify Authorities & Affected Parties: Report the fraud to local law enforcement agencies and provide all relevant details and evidence. Additionally, notify financial institutions and anyone directly affected.
  2. Document and Preserve Evidence: Gather and securely store all evidence related to the fraud, including emails, invoices, payment records, and any communication with the fraudulent party. This is crucial for investigations, insurance claims, and potential legal proceedings.
  3. Seek Legal and Professional Advice: Consult with legal advisors specializing in fraud and cybersecurity. They can guide you through the legal implications, advise on recovery options, and assist with any necessary legal actions against the fraudsters.

 

Real-World Cases of Vendor Fraud

Sometimes reading real-world examples is the best way to understand something. Below are some real-world cases of vendor impersonation fraud at large organizations, small businesses, non-profits, and even government organizations. 

  • GoogleIn 2013, a man and co-conspirators scammed Google into paying him more than $23 million using forged invoices, contracts, letters, and corporate stamps.
  • FacebookIn 2015, the same man scammed Facebook out of $98 million. The payments were wired to bank accounts throughout Latvia, Cyprus, Slovakia, Lithuania, Hungary, & Hong Kong.
  • Ubiquiti: In 2015, employee impersonation & fraudulent requests from an outside entity targeted Ubiquiti’s finance department resulting in a transfer of over $46.7 million.
  • Toyota Boshoku CorporationIn 2019, attackers managed to convince an employee with financial authority at a major Toyota auto parts supplier to change account information on an electronic funds transfer, resulting in a loss of $37 million.
  • Government of Puerto RicoIn early 2020, the finance director of Puerto Rico’s Industrial Development Company received an email explaining a change to the bank account tied to remittance payments. $2.6 million was mistakenly transferred.
  • Save the Children CharityIn 2018, a well-researched attacker gained access to an employee’s email account and sent fake invoices requesting payment close to $1 million for solar panels in Pakistan, where a Save the Children Health Center was located.

Education Empowers Us

In conclusion, staying educated on vendor impersonation fraud is of utmost importance in today’s digital age. The ever-evolving tactics used by fraudsters necessitate constant vigilance and awareness. By staying informed about the latest techniques employed by scammers, individuals and businesses can better protect themselves from falling victim to fraudulent activities.

Education empowers us to recognize warning signs, question suspicious requests, and implement robust security measures. It enables us to safeguard our financial resources, personal information, and reputations. Moreover, by sharing knowledge and promoting awareness, we collectively contribute to a safer online environment for everyone. Therefore, let us remain committed to staying educated on vendor impersonation fraud and strive to outsmart the fraudsters at their own game. If you are looking for a cybersecurity professional to help you improve your organization’s cybersecurity posture, or if you have been the victim of vendor impersonation fraud and are looking for recovery options, contact us today.

 

3 Steps to Secure Your Company with a Password Manager

Why is a Password Manager so Critical?

The average person has 70 to 80 passwords connected to business and personal accounts. If you’re chronically online like the rest of us, that could easily look like 300+ passwords. Passwords are one of the first layers of account protection and act as a vital defense mechanism, protecting our sensitive information, personal data, and online accounts from unauthorized access and potential breaches.   

When it comes to cybersecurity, managing the password jungle is one of the biggest challenges for individual users and companies. If your company still needs a password management system, your employees and clients are at a higher risk of being compromised.   

 

So how can you patch this potential hole? By setting up a password manager company-wide. 

 What is a Password Manager, and Why is it Useful? 

A password manager is a software tool or application designed to securely generate, store, and manage a user’s logins and passwords.  

It’s challenging to create unique and complex passwords for each account, let alone keep track of them all. Microsoft found that 73% of users duplicate their passwords in both their personal and work accounts. Investing in a password manager for your team can alleviate the burden of generating, securely storing, and remembering multiple complex passwords for different accounts, which adds another layer of security to your organization.   

Most password managers have the following features:  

  • Master Password. A master password is what safeguards access to the rest of your account. This master password should be unique, long, complex, and memorized by you.  
  • Password generation. When creating a new account, auto-filled strong password suggestions help make the process easier.  
  • Secure storage for your passwords. The software ensures they are encrypted and protected from unauthorized access. 
  • Manage your passwords. Some password managers have alerts for when you’ve reused a password, a password was discovered in a breach, 2FA is available (and not currently set up) for a particular site, and more.  
  • Secure sharing. If you need to share login credentials, many password managers allow you to create shared vaults for people that share login details.  
  • Additional storage for sensitive information. Credit card details, secure notes, documents, bank accounts, IDs, and more are all securely stored in one place.

Three Steps to Secure Your Company’s Passwords 

Step One: Choose a Password Manager 

First, you need to pick a password manager for your company. But there are some important things to consider like: 

  • User Management Tools: Evaluate the user management capabilities of the password manager. Will it let you easily manage user access and password sharing? Can it handle multiple users or teams within your organization?  
  • Compliance Requirements: Depending on your industry, you may have specific compliance requirements, such as password health monitoring or the ability to generate compliance reports. Ensure that the password manager you choose provides the necessary security measures to safeguard sensitive information. 
  • Usability and User Experience: Consider the ease of use for your team members. A password manager that is intuitive and user-friendly will help encourage use and minimize the learning curve. To enhance usability, look for features like browser extensions, autofill capabilities, and synchronization across devices. 

 

Popular Password Manager Options (+ What We Recommend!)

So, what are some of the most popular password managers that are worth investing in?  

  • 1Password: A popular choice offering a comprehensive suite of features, including secure password storage, document storage, and sharing capabilities. It integrates well with various platforms and provides advanced security options like two-factor authentication.  
    • At Edge Networks, our personal choice and recommendation is 1Password. Its user-friendly interface, comprehensive features, and reputation as one of the most secure password vaults make password management as easy as possible. 
  • LastPass: A widely recognized password manager known for its robust security features, intuitive interface, and multi-platform support. It offers both personal and business plans, allowing you to scale as your company grows. 
  • Dashlane: It offers an intuitive and user-friendly interface, making it easy for teams to adopt. It provides features like password autofill, password generation, and secure note storage. Dashlane also offers business plans tailored to meet the needs of organizations. 
  • Keeper: Known for its security features, including strong encryption and zero-knowledge architecture. It offers a range of features like password sharing, role-based access control, and compliance with various industry regulations. 
 

Why We Don’t Recommend Google Password Manager

There are many password manager options out there, and it can be hard to decide which one to invest in. Many people go for what’s most convenient and free, such as Google Password Manager. If that sounds like you, we have some news for you: While Google Password Manager may seem convenient for managing passwords, there are several reasons why it may be advisable to avoid relying solely on it and opt for dedicated password managers instead:  

  • Dependency on Google Account: Google Password Manager is directly tied to your Google account. Someone who gains unauthorized access to your Google account can access all your stored passwords. This concentration of sensitive information within a single account poses a higher risk than dedicated password managers, which often employ additional security measures to protect user data. 
  • Less Focus on Security: While Google takes security seriously, dedicated password managers typically prioritize security as their primary focus. They employ robust encryption algorithms, zero-knowledge architectures, and other security measures to protect stored passwords. Dedicated password managers are often independently audited for security and undergo regular security updates, enhancing their ability to protect passwords. 
  • Limited Features: Google Password Manager offers basic password storage and autofill capabilities but lacks many advanced features in dedicated password managers. Features like password sharing, secure note storage, and password auditing are often absent in Google Password Manager, limiting the control and functionality available to users. 
 

Step Two: Setting Up the Password Manager 

Once you’ve chosen your password manager, it’s time to set it up. The size of your organization and how many passwords each user has will determine how long this step takes. 

  • Create a Master Account: Establish a central master account within the password manager. This account will serve as the mothership for your cybersecurity team, allowing them to manage user accounts, access permissions, and other administrative tasks. Setting up the master account typically involves a strong and unique password, as it holds the key to your organization’s password management system. 
  • Configure Settings: Customize the password manager’s settings to align with your organization’s security policies and requirements. This includes defining password requirements like complexity rules, minimum length, use of special characters, restrictions on password reuse, and other relevant criteria. Enable features like two-factor authentication (2FA) to add an extra layer of protection to your password manager. Be sure to fine-tune the settings based on your organization’s specific needs. 
  • Import Existing Passwords: Most password managers can import passwords from various sources, simplifying the transition process. You can import passwords from web browsers, CSV files, or other password managers. This enables smooth migration of existing passwords into the new password manager, minimizing the burden on users to manually re-enter their credentials. However, if passwords are stored in handwritten or non-digital formats, adding them to the password manager may require manual input, which can be time-consuming. 

Team training on how to use a password manager

Step Three: Train Your Team 

Now that you have successfully set up your password manager, you must provide comprehensive training to your team members on how to use this valuable tool. It is important to consider different learning styles and ensure the training materials are accessible to everyone.   

We suggest creating a detailed, text-based Standard Operating Procedure (SOP) that outlines the step-by-step process of using the password manager. This text-based guide should include clear instructions accompanied by screenshots or visual aids to help users understand each stage of the process. This also allows your team to refer to the SOP whenever needed and follow the instructions at their own pace. 

You can complement the text-based SOP by creating a video guide visually demonstrating the same procedures. This video can be recorded using screen capture software, displaying the password manager’s features and functionalities in action. A video guide is especially beneficial for individuals who prefer visual and auditory learning, as they can watch and listen to the instructions in real time. 

Training is an ongoing process, especially as new team members join or the password manager evolves. Regularly communicate with your team, gather feedback, and promptly address any issues or concerns. Investing time and effort into training and learning resources enables your team to confidently utilize the password manager’s features, ensuring consistent and secure password management practices across your organization. 

Setting Up Your Password Manager Doesn’t Have to Be a Burden

If the idea of overhauling your company’s password management system seems overwhelming, rest assured – you’re not alone. We recognize that cybersecurity can be time-consuming and are here to alleviate that burden for you. At Edge, we’re all about helping you reach your security goals while providing clarity for you every step of the way.  

Contact us today if you are looking to improve your organization’s cybersecurity without sacrificing your precious time and resources.  We would love to help you. 

 

Passkeys: The Future of Password Security

Passkeys: The Future of Passwords

When it comes to digital security, passwords have long served as the primary line of defense for users to protect their personal information. From online banking to food delivery apps to social media, we rely heavily on passwords to secure our data. However, the limitations of traditional passwords have become evident over the years. Between human error and cybercriminals becoming increasingly sophisticated, sometimes the only thing standing between cyber criminals and our sensitive information is eight characters. 

In previous blog posts, we provided insight into passwords and password managers, but as the digital landscape and cybersecurity trends change, we should be keeping up. This article will cover the limitations and risks of traditional passwords and password managers and why passkeys are seen as the future of passwords. 

The Rise and Fall of Passwords 

From humble beginnings in the early days of computing to now, passwords have played a crucial role in ensuring the security and privacy of our online accounts. In the past, passwords were often simple and easy to guess, reflecting a time when cyber threats were less prevalent. However, the need for stronger passwords grew as technology advanced and hackers became more sophisticated, using methods like brute-force attacks, keylogging, phishing, malware, and more. 

These advancements led to stronger password recommendations, including using more characters and a mix of uppercase and lowercase letters, numbers, and symbols. Though recommendations can improve your password strength, when it comes to things like length and composition, your password doesn’t actually matter. Without an extra layer of security, like Multi-Factor Authentication (MFA) or advanced threat detection, your password is still vulnerable to countless password-based attacks every day. 

Password security has seen significant developments since the popularization of MFA, an electronic authentication method that requires 2+ pieces of evidence to access an account. MFA has proven to be one of the most effective ways to protect accounts against unauthorized access. In a report released by Microsoft in 2018, they found that MFA can block over 99.9 percent of account compromise attacks. 

Despite these improvements, password users are human, and humans are subject to forgetfulness and complacency. Creating and remembering unique and complex passwords for every account is difficult, leading to repeated passwords and weak protection.

 

password manager

Password Managers

Password Managers have been around for decades, with RoboForm being the first released in 2000. A password manager is a digital encrypted vault where users can store passwords securely, and it is one of the safest ways to juggle and store your accounts and passwords. Most password managers will suggest unique and complex passwords when making a new account, which streamlines the process of creating a strong password and reduces the frustration of creating and remembering a new one. Some more features that password managers have are password strength analysis, warnings when you’re reusing passwords, secure sharing, and auto-filling user credentials. Some password managers, like 1Password, have stated their plans in the near future to integrate passkey support into their platforms. 

Though password managers are a great way to secure sensitive information, some drawbacks come with it. Having one password to access your password manager means there is a single point of failure if your master password is compromised or there is a breach in the password manager’s security, meaning all your passwords and accounts could be at risk. 

It could also be a risk to depend on a password manager entirely. If you rely on it heavily and it suddenly becomes inaccessible due to server issues, software bugs, or other incidents, you could encounter difficulties trying to access your accounts. Additionally, you would have the challenge of remembering your master password, which should be strong and complex. 

What is a Passkey?

On May 3rd, 2023, Google announced its launch of the passkey, a passwordless login for their account users to offer advanced protection. A passkey is a digital credential tied to a user account and a website that allows users to access certain accounts with pins or biometric sensors (fingerprints or facial recognition) to free them from remembering and managing passwords. Google states this technology aims to “replace legacy authentication mechanisms such as passwords.” Many companies already use passkeys in their systems, including Google, DocuSign, Robinhood, Shopify, Paypal, Kayak, and more, and it’s not unlikely that many more will follow the trend. 

 

Passkey

Why should I use passkeys?

  1. Passkeys are easier. Being able to authenticate your identity using your device’s fingerprint sensor, facial recognition, or PIN removes the roadblocks that come with a password manager and individually memorizing passwords. It also leaves less room for human error and vulnerabilities for cybercriminals to uncover, allowing for a simplified sign-up and login process. 
  2. Passkeys are more secure. Because passkeys are tied to individual devices, they provide a higher security level than traditional passwords. They’re generated using cryptographic algorithms, making them more complex and resistant to brute-force attacks. Passkeys are also less susceptible to phishing attacks since passkeys are system-generated, not user-entered, and only work on their registered websites and apps, meaning users don’t need to worry about entering their passkeys on fraudulent websites or providing them to malicious actors.
  3. Passkeys integrate easily with MFA. Passkeys can be used as part of a multi-factor authentication (MFA) setup, where multiple authentication factors are combined for stronger security. Using a passkey can fulfill the criteria for multifactor authentication in a single step, combining the strengths of both a password and a one-time password (OTP), such as a 6-digit SMS code, which provides heightened security and offers enhanced protection. 

 

Passkeys: A Promising Future for Password Security 

With enhanced strength and resistance to common vulnerabilities, passkeys provide a powerful means of authentication and a promising future for password security. Passkeys enhance the overall security landscape by eliminating the reliance on user-generated passwords and integrating with multi-factor authentication. Their ability to meet multifactor authentication requirements in a single step and their effectiveness against phishing attacks make them an exciting advancement in password protection. 

As more companies move toward passkeys and embrace innovative authentication methods, we can look forward to a future where our online accounts and sensitive data are better protected, enabling us to navigate the digital world with greater peace of mind. If you are looking to improve your cybersecurity posture, contact us today. We would love to get in touch with you.

Ask an Expert: History Repeated with Another T-Mobile Data Breach

Ask an Expert: History Repeated with Another T-Mobile Data Breach

T-Mobile has been in the headlines often for all the wrong reasons – multiple data breaches that have affected millions of customers. The telecom giant has a history of struggling to keep its users’ information safe. Understandably, these events caused an uproar among customers, and they were quick to demand answers and improved security measures. Keep reading for a look into the history of T-Mobile data breaches, the most recent 2023 T-Mobile Data Breach and how it affected current and prospective customers, and statements from our Director of Cybersecurity.

 

The Summarized History of T-Mobile’s Data Breaches

Since 2018, nine hacks have been disclosed by T-Mobile, with half being in the last three years. These previous breaches ranged from the following:

2018-2020

  • August 2018: About 3% of customers (2.3 million) were affected by unauthorized access to personal customer data, including the name, billing zip code, phone number, email address, account number, and account type of users.
  • November 2019: Less than 1.5% of customers (over a million) were affected by unauthorized access to name, billing address, phone number, account number, rate, plan, and calling features (such as paying for international calls).
  • March 2020: Unknown amount of customers affected by unauthorized access to names and addresses, phone numbers, account numbers, rate plans, and billing information.

 

2021-2023

  • January 2021: Less than 0.2% of customers were affected by unauthorized access to name, phone number, account number, and billing address.
  • February 2021: Unknown amount of customers were affected with unauthorized access to names, addresses, email addresses, account numbers, social security numbers (SSNs), account personal identification numbers (PIN), account security questions and answers, date of birth, plan information, and the number of lines subscribed to their accounts.
  • August 2021: 40 million former or prospective customers affected with unauthorized access to names, date of birth, SSN, and driver’s license/ID information, were compromised. 7.8 million customers were affected by unauthorized access to name, date of birth, SSN, and driver’s license/ID information, as well as 5 million customers affected with unauthorized access to phone numbers, as well as IMEI and IMSI information.
  • December 2021: “A very small amount of customers” experienced SIM Swap Attacks – meaning a SIM card assigned to a mobile number on their account may have been illegally reassigned or limited account information was viewed.
  • April 2022: Stolen source code after T-Mobile employees’ credentials were stolen online. No government or customer data were compromised.
  • January 2023: In November 2022, 37 million customers were affected by unauthorized access to name, billing address, email, and phone number. This breach wasn’t discovered until months later, in January 2023.

 

Although this list may seem extensive, it doesn’t include other bugs and vulnerabilities discovered at T-Mobile over the years.

 

2023 T-Mobile Data Breach: T-Mobile’s Response

After the most recent breach earlier this year, T-Mobile wrote in its SEC disclosure that since 2021, they have made a “substantial multi-year investment working with leading external cybersecurity experts to enhance our cybersecurity capabilities and transform our approach to cybersecurity.” They state that they’ve made substantial progress since and backed their statement by pledging $150 million toward enhancing their cybersecurity.

All things considered, we can only hope to see the results and benefits of their cybersecurity improvements, as T-Mobile claims that protecting customer data is their top priority.

 

Potential Impacts On Current and Prospective T-Mobile Customers

​​The latest data breach by T-Mobile will likely negatively impact current and prospective customers. As news of the recent breach spreads and more awareness is made about T-Mobile’s long history of breaches, people may have become wary of trusting their personal information with T-Mobile and may take their business elsewhere. It may also cause some customers to question the overall security of T-Mobile’s systems, and as a result, they may choose not to use their services.

It can be challenging to trust a company that has had multiple data breaches in its history. Still, it’s important to remember that T-Mobile has taken immediate action following its numerous breaches. They invested heavily in improved security measures and are now working to enhance their cybersecurity.

 

Class Action Lawsuit for January 2023 T-Mobile Data Breach

T-Mobile isn’t the first organization to suffer multiple breaches over the years, and it certainly won’t be the last. Though T-Mobile has acted quickly over the years to shut down breaches, address customers’ concerns, and offer settlements. A recent Class-Action Lawsuit was filed against them for the most recent breach announced in January 2023 breach. The lawsuit states, “T-Mobile failed to exercise “reasonable care” in safeguarding the private information of millions of consumers from a data breach announced around January 20, 2023.” Learn more about the class action lawsuit here.

 

 

The Future of T-Mobile After Its Numerous Data Breaches

The 2023 T-Mobile data breach and the prior breaches have been unfortunate events that left many of its customers feeling violated over the years. Though events like these are unprecedented, it becomes a bit concerning when they repeatedly occur to a company of this size. Since its most significant breach in 2021, T-Mobile has announced its efforts to enhance cybersecurity by pledging $150 million toward the cause and working with leading cybersecurity experts to transform its approach to cybersecurity. We have seen quick responses after past breaches and hope to see improvement in the future.

 

Ask An Expert: FAQ with Edge Networks’ Director of Cybersecurity

What are the most common causes of data breaches?

This is a great question; I believe that the most common causes of data breaches are misconfigurations and human error. Specifically, ensuring that MFA is enabled, and if not, that is considered misconfiguration. An example of human error would be to accept a request asking for approval to allow login if it is not actually you requesting the access.

 

T-Mobile has disclosed nine hacks since 2018. Why does it keep happening?

Very tough to say. T-Mobile is a national carrier with a lot of information, which makes its organization a desirable target. Cybersecurity is not one-size-fits-all. The best an organization can do is ensure they’re following a well-established security framework and aligning themselves with it.

 

Should I switch providers if my current one has suffered a data breach?

Honestly, one would probably run out of options if you tried that. A lot of organizations have been breached. I personally do not believe you have to switch providers. However, I also do not believe an organization is more secure after a breach than before.

 

How can I determine if a company is trustworthy and will handle my data safely?

This is a most excellent question! Ask the company if they have a SOC2 type 2 report that they can share. If they don’t, and the data you plan on having them work with is critical, you might consider walking away. If more consumers asked businesses for this information, they would work towards achieving a higher cybersecurity posture.

 

How can organizations protect themselves from data breaches?

Treating cybersecurity investments as if they were the paper your organization needed to operate. Cybersecurity should never be an afterthought, and organizations need to prepare and budget.

  1. Establish a security framework, and work towards “checking” all the boxes.
  2. Ensure that you have security awareness training for all
  3. Setup Multi-Factor Authentication (MFA)
  4. Work with partners that can help secure and align your business

 

How should organizations respond after a data breach?

All organizations should be 100% TRANSPARENT. Many laws are coming down the pipeline for organizations. In fact, a few states that already have stronger notification laws in place, such as California. It’s not unrealistic to believe several others will be following their lead. Work on the plan that was hopefully implemented before the breach occurred.

 

Conclusion

For many people, the latest T-Mobile data breach has left them concerned and vulnerable. If you have any questions or concerns, feel free to contact us. We’d love to chat with you!

3 Skills You Need to Get Hired in Cybersecurity

In light of the recent wave of layoffs, we want to provide as much information as possible to help folks interested in tech/cybersecurity land their next cybersecurity job. (By the way, we’re hiring!)

 

 

1. For Cybersecurity Jobs, You Must Understand Ports and Protocols

Ports and Protocols are important concepts that relate to how networked devices communicate with each other. Understanding how these concepts work will help you to avoid sounding like Chicken Little running around yelling, “The sky is falling!” any time you see some activity. 


Ports:
 A port is a virtual endpoint through which data is sent and received. Think of a port like a door or a gate that data passes through as it moves between devices on a network. Each port is assigned a unique number, which is used to identify the type of traffic allowed through that port. For example, port 80 is commonly used for HTTP traffic (i.e. web browsing), while port 22 is used for SSH traffic (i.e. secure shell connections).


Protocols:
 A protocol is a set of rules that dictate how data is exchanged between devices on a network. In cybersecurity, they determine how data is transmitted and secured. For example, the HTTPS protocol is used to send data securely over the web, while the SSH protocol is used to create secure connections between devices. 


Understanding different ports and protocols and how they relate to each other will enable you to determine what network activity is usual and what activity is unusual. From there, you can dive in and check for possible attacks or compromises.

 

#2: Read Cybersecurity News

One of the most common interview questions is, “What sources do you use to stay current with current cybersecurity news?” There are a lot of sites out there, but here are a few we recommend:

  1. Bleeping Computer – A casual source. But it can be a great way to stay engaged and interested in the content because it’s not jargon-heavy. They’re great at keeping their ear to the ground, so we recommend checking them out to keep updated with recent breaches, attacks, and exploits.
  2. Cybersecurity & Infrastructure Security Agency (CISA) – CISA is excellent at providing specific technical details to handle new exploits and vulnerabilities as they arise.
  3. Forbes Cybersecurity – Forbes is a popular source of information, especially for less technical readers. Keeping up to date with cybersecurity news in Forbes is a great way to keep tabs on what information is being circulated that non-technical clients/staff may ask you for more information about.

 

#3: Be Familiar with Common Tools Used in Cybersecurity Jobs

Interviewers will likely ask you if you’re familiar with the tools they use at their company. Being able to confidently say, “Yes, I do know a bit about that tool.” will go a long way. When looking at a company’s job description, we recommend familiarizing yourself with the tools listed if you aren’t already familiar with them.


Sometimes, an interviewer may ask you what tools you’d recommend they implement at their company. To be prepared for this question, having suggestions for the following will set you up to crush this question:

  1. Antivirus
  2. Logging
  3. SIM Solution
  4. Phishing Simulations
  5. Vulnerability Scanning

 

You Have What it Takes When Searching for Cybersecurity Jobs

We hope these tips will help you explore cybersecurity jobs and find the one you’re looking for! If you have any questions about what to expect in the cybersecurity world, feel free to reach out to us with your questions.

Check out our Careers page to learn more about working at Edge Networks and the roles we’re currently searching to fill.

The Top 3 Cybersecurity KPIs Every Business Needs to Track

Key Performance Indicators (KPIs) are an excellent way to measure your team’s success. When it comes to Cybersecurity KPIs, there are a few we recommend to be at the top of your IT team’s list. 

 

#1: How Prepared Are You?

As the attack surface continues to expand with the introduction of new technologies, it’s crucial for teams to regularly assess their preparedness to handle a cybersecurity incident.


A deep understanding of possible threats determines how prepared your team is to respond to a breach. Tools like 
VirusTotal and Open Threat Exchange (OTX by AT&T) can provide insights into the latest trends and developments in the digital landscape, helping your team stay up-to-date and better prepared to keep your company’s data safe and secure.

 

#2: Unidentified Devices

Unidentified devices are any devices that are connected to your company’s network but are not properly registered or authenticated. These devices could be owned by employees, contractors, or other third parties, but they may also be owned by outsiders who have gained access to the network.


Tracking and identifying all devices connected to your company’s network is essential. This includes laptops, desktops, smartphones, and other internet-enabled devices. Having a record of all devices helps ensure that only authorized users have access and that any unidentified devices are promptly removed.


In addition to maintaining clear documentation of devices, networking monitoring tools can help with ongoing tracking of what devices are connected.

 

#3: How Long Does It Take To Recover?

Conducting regular tabletop exercises, where the team practices responding to a hypothetical incident, such as a ransomware attack or an unidentified device accessing the network, can help ensure that your team is ready to quickly and effectively address modern threats.

1. Assemble Your Team

Gather all relevant team members, including IT staff, cybersecurity professionals, and key stakeholders.

 

2. Choose a Scenario

This could be a simulated cyber attack, data breach, or any other incident that could impact your organization.

 

3. Walk through the scenario step-by-step

Start by setting the scene and outlining the initial incident. Then, have team members discuss and decide on their response, just as they would in a real-life situation. This might include activating your incident response plan, communicating with stakeholders, and taking necessary remediation steps.

 

4. Debrief and review

After the exercise is complete, take some time to debrief and review what happened. What went well? What could have been done better? Use this feedback to identify any areas for improvement and update your response plan as needed.

At a minimum, it’s recommended to conduct preparedness exercises annually to ensure that your team has the skills and resources necessary to respond to a cybersecurity incident. In addition, investing in a well-documented and rehearsed preparedness process can save time, money, and data in the event of a real incident.

 

Group of people discussing cybersecurity KPIs

Get Started Today

Keeping up with the trends can be tedious on your own, which is why we’re here to help. Outsourcing some or all Cybersecurity and IT is a smart business decision that can benefit businesses of all sizes.

Edge Networks can help you save money, improve your cybersecurity posture, optimize your systems, free up your time, and give you peace of mind. If you’re looking for a cost-effective way to manage and maintain your technology infrastructure, Managed IT is the right choice for you.


Contact us
 today to learn more.

Tips for Safer Internet Day 2023

Tuesday, February 7th, 2023 is the 20th anniversary of Safer Internet Day! The motto this year is Together for a Better Internet. Safer Internet Day started as an “initiative of the EU SafeBorders project in 2004 and taken up by the Insafe network as one of its earliest actions in 2005, Safer Internet Day has grown beyond its traditional geographic zone and is now celebrated in approximately 180 countries and territories worldwide.”

Some of the most prominent topics this year are:

  • Wellness
  • Identity
  • Self-Respect
  • Scams
  • Predators
  • Creeps

Internet safety doesn’t have to be hard. Here are a few simple things we recommend to take care of your digital footprint.

 

 

Private / Public Social Media Accounts

Whether you’re a business owner, influencer, or just online often, we recommend keeping your personal account separate from your business or creative account. Setting your personal accounts to private and keeping your personal day-to-day posts locked in that account will offer a higher level of protection from internet scams and harassment. 

 

It’s harder for someone to guess your password or send phishing messages if they don’t know about your personal life.

 

Password Managers

Password Managers are a great way to keep track of all your unique passwords. The longer and more complex your passwords are, the more difficult it is for someone to guess them and take over your accounts (or steal personal information).


We understand that there may be some fear over using a password manager, considering the recent news about 
LastPass’ breaches. However, most password managers do not store your master key within the password vault or within the company’s records. So even if data is stolen, as scary as that sounds, in a lot of cases that data is still encrypted and protected. At Edge Networks, we use 1Password as our password vault, and have been very happy with the service!

 

Of course, we always recommend using strong, unique, and long passwords, but one thing we recommend to people who really feel that they can’t use a unique password for every single online account they have is to organize their accounts into three different tiers. The first tier would be lower stakes sites that might have less security and may be more likely to be compromised, such as shopping websites. The next tier would be bigger businesses such as Amazon, or maybe your Healthcare account. The final tier would be reserved for high stakes information such as loans, your bank account, social security, etc.

 

Doing this is still risky, but it at least ensures that if a more lower-stakes account gets compromised and the low tier password is leaked, that same password won’t give hackers access to your more high-stakes accounts. This way, you’ll also know what other accounts in that tier will need their password changed.

 

Plus Email Addressing

Plus email addressing is an incredibly helpful tool in the event of a data breach. This type of email addressing allows you to add a “+” sign and additional words after your username, and have the email still be delivered to the same address. 


For example, if your email address is alexa@example.com and you wanted to create a new account on the Target website, you could use the email alexa+target@example.com and the email would still be delivered to alexa@example.com.

 

If you get hit with a phishing email or a spam email and you want to know where the attacker got your email from, you are able to go in and see the recipient address they sent it to. If that address is alexa+target@example.com, you know the account that was breached was your Target account. This is a great way to create accountability and keep good track of your data being compromised without having to create a new email account for each account that you make.

 

Remember to Stay Safe Online

Safer Internet Day is a great reminder that we can play a role in a safer internet not only today, but every day of the year. One of the easiest ways to get involved with Safer Internet Day is by starting conversations and raising awareness with the people around you, whether it’s your partner, children, work colleagues, parents, friends, or clients.


Contact us
 today if you’d like to learn more about protecting your business’ data online.

Cybersecurity Trends To Follow Beyond 2022

As the digital world continues to grow, so does the cyber threat landscape. Therefore, IT departments must stay updated with cybersecurity trends to stay one step ahead of hackers.

Are you curious about what to focus on? Here are a few key trends to watch:

 

Attack Surface Expansion

In the past, IT was managed within the borders of an IT environment company’s network.


Now with remote work and work-from-home staying mainstream, everything’s borderless. As a result, the 
attack surface, or the number of all possible points an unauthorized user can access your system, has expanded.


This can happen in many ways, but it is most often caused by introducing new systems or devices into an organization’s network.


Attackers can use these new devices to get into your IT infrastructure and run malicious programs. For example, if you are running a business with remote employees and you introduce a Virtual Private Network (VPN) connection for them, this may open up an attack point for hackers to get into your network.


Working with a well-trained Cybersecurity and Managed IT team, either internally or externally, can help protect the flow of your company’s data, ensuring the safety of your network.

 

The Human Element

A solid onboarding and continuous learning program will set your team up for success. Technology is evolving rapidly, making regular training sessions an essential part of Cybersecurity health. 


At Edge Networks, our team goes through weekly training via 
Ninjio to stay updated with the latest trends and best practices to ensure our clients are provided the best possible cybersecurity and IT services.

 

cybersecurity trends

The Misconception of the Cloud

Cloud services are a boon in the remote work environment. However, cloud service providers are not responsible for the data stored on your company’s servers. They are only responsible for the infrastructure that runs the systems. 


There is a
 shared responsibility matrix to consider when using cloud services to store and share company data. The service provider promises to keep the infrastructure running, while your company promises to maintain the best cybersecurity practices to ensure the security of the company’s data.

Below is a diagram illustrating how Microsoft manages the division of responsibility.

 

A common pitfall is not keeping up to date with server patching. Cloud service providers will roll out updates to their servers to ensure the security and integrity of the cloud. If a company doesn’t stay updated with these patches, it can expand its attack surface points and put the cloud data at risk.

 

Get Started Today

Keeping up with the trends can be tedious on your own, which is why we’re here to help. Outsourcing some or all Cybersecurity and IT is a smart business decision that can benefit businesses of all sizes.


Edge Networks can help you save money, improve your cybersecurity posture, optimize your systems, free up your time, and give you peace of mind. If you’re looking for a cost-effective way to manage and maintain your technology infrastructure, Managed IT is the right choice for you.


Contact us
 today to learn more.

5 Reasons Outsourcing Your IT Is a Smart Business Decision

In today’s world, businesses need to be able to rely on their technology. When something goes wrong with your IT infrastructure, it can have a major impact on your bottom line – that’s why so many businesses are turning to Managed IT services as a way to improve their cybersecurity posture and optimize their systems.

Outsourcing your IT can save you time and money in the long run, and it can help you focus on what you do best – running your business.

 

What are Managed IT Services?

Managed IT services involve hiring an outside provider to manage, monitor and maintain your business’s technology infrastructure. Managed IT providers can provide services like server monitoring, system patching, security updates, backup solutions, and more, and can help you save money on hardware, software and support costs while improving your cybersecurity posture and optimizing your systems.

 

Who Would Benefit from Outsourcing Managed IT Services?

Managed IT services are a great option for businesses of all sizes. Providers can provide customized solutions to meet the specific needs of your business, so you can have peace of mind knowing that your systems are secure and running efficiently.

Larger companies, especially those in highly regulated industries, may find outsourcing their IT even more helpful, as they can help them meet strict security and compliance requirements, though it’s also a great option for small businesses who don’t have the budget or resources to manage their IT system themselves. In fact, according to Somatosoft (2022), Outsourcing helps companies reduce costs by about 15% on average but up to 60% .

No matter what size your business is, Managed IT services can help you save money, improve your cybersecurity posture, optimize your systems, free up your time, and give you peace of mind and are an important part of running a successful business in today’s digital age.

 

5 Reasons You Should Outsource Your IT

There are many reasons outsourcing your IT is a smart business decision, but here are a few:

 

1. Managed IT services can help you save money.

Small businesses often have limited resources or budget. Managed IT providers can help businesses like this save time and money by taking care of routine maintenance and security updates as well as providing 24/7 monitoring and threat detection, so they don’t have to worry about their systems. They also often get discounts on software and hardware, which they can pass on to you.

Managed IT services can also help businesses scale quickly and easily, so they can expand without having to hire additional in-house staff or purchase expensive hardware and software. It also provides the flexibility and scalability that businesses need in order to stay competitive in today’s market, and can help you avoid the cost of downtime if an outage or attack occurs, which can be very expensive for businesses.

When you outsource your IT, you can save money on things like hardware, software, and support, and with Managed IT, you only pay for the services you need, when you need them. This can help you free up your budget for other important areas of your business.

 

2. Managed IT services can improve your cybersecurity posture.

The term “cybersecurity posture” refers to an organization’s overall security profile. This includes the measures it takes to protect itself from cyber threats and breaches, such as installing anti-virus software, using encryption technologies, regularly patching systems, and training employees on cybersecurity best practices.

By improving its cybersecurity posture through Managed IT services, an organization can better protect itself from malicious actors and data breaches. Providers offer a variety of solutions to help organizations improve their security postures, including 24/7 monitoring and threat detection capabilities.

With Managed IT, you’ll also have access to the latest security tools and best practices, so you can rest assured that your business is protected.

 

3. Managed IT services can help you optimize your systems.

Managed IT services can help you get the most out of your technology investments and optimize your systems by providing expert advice and support so problems can be quickly identified and addressed, ensuring that your systems are always running smoothly and at peak performance.

Managed IT providers can also help you troubleshoot issues and identify inefficiencies, so you can avoid costly downtime, and if you’re a growing business, it can help you scale your IT infrastructure quickly and easily as new users are added, new systems are set up, and new applications are installed so you can continue to grow without having to worry about your IT infrastructure.

 

4. Managed IT services can help you free up your time.

A 2016 survey done by Deloitte found that 65% of businesses decide to outsource so they can focus on business objectives. When you outsource your IT, you can free up your time to focus on other important areas of your business.

With Managed IT, you’ll have access to a team of experts who can handle all of your IT needs, so you can focus on growing your business. Managed IT providers will proactively monitor and manage your systems, so you don’t have to. They can also provide you with help desk support, so you don’t have to waste time troubleshooting IT issues yourself.

 

5. Managed IT services can give you peace of mind.

When you outsource your IT, you can have peace of mind knowing that your systems are in good hands. With Managed IT, you’ll have access to a team of experts who will proactively monitor and manage your IT systems, so you can focus on running your business. Managed IT providers can also provide you with regular reports, so you can stay up to date on the health of your systems. 

 

Get Started Today

Outsourcing your IT is a smart business decision that can provide many benefits to businesses of all sizes.

Managed IT providers can help you save money, improve your cybersecurity posture, optimize your systems, free up your time, and give you peace of mind.  So if you’re looking for a cost-effective way to manage and maintain your technology infrastructure, Managed IT may be the right choice for you.

Want to find out if Managed IT Services is right for your business? Contact us today to learn more.

Smart Home Breaches: How to Prevent Them and What to Do If They Happen

It’s no secret that smart homes are becoming more and more popular. For many, a smart home helps make life a little easier and even feel more luxurious, whether it’s a Google Home being used as a speaker to stream your favorite songs across the house, a Ring doorbell keeping track of who’s on your doorstep, or an Amazon Alexa automating tasks around your home. Consumers have access to a growing range of IoT appliances, including smart refrigerators, lightbulbs, coffee makers, and even washing machines, proving that there is something for everyone in the smart home device realm.

While this technology offers many benefits, it also comes with a risk: cybersecurity threats. Because the smart device market is expanding quickly, it has become a fast-growing target for hackers. In the first half of 2021 alone, there were more than 1.5 billion attacks on smart devices, with attackers generally looking to steal data or use compromised devices for future breaches and cryptocurrency mining. If proper precautions aren’t taken, your smart home devices can be vulnerable to data breaches too.

In this blog post, we will discuss what smart home breaches are, what to do if your device is compromised, how businesses can be affected, and how to prevent these breaches.

 

What is a Smart Home?

A smart home is a home that uses internet-connected devices to automate tasks like lighting, security, temperature control, and more. These devices are often controlled by a mobile app or voice assistant such as Amazon Alexa or Google Home. While smart homes offer many conveniences, they also create new opportunities for cybercriminals to creep into your home.

 

smart home breach

What is a Smart Home Breach?

A smart home breach is when an unauthorized user gains access to your smart home devices or network. This can happen in a number of ways; here are a few of them.

 

Unsecured Wi-Fi networks and Bluetooth connections

Unsecured Wi-Fi networks and Bluetooth connections leave your home vulnerable to attack. If a hacker gains access to your smart home, they can steal your personal data, spy on you, or even control your devices remotely.

By exploiting vulnerabilities in smart home devices, hackers can gain access to your network and steal your data. This type of attack is especially concerning because it can happen without the homeowner ever knowing that their security has been compromised

 

Malicious Apps

These breaches can often occur through malicious apps. There are many smart devices that can be controlled by mobile apps. However, there are also many malicious apps that masquerade as legitimate smart home apps. These malicious apps can give attackers access to your smart home devices and data.

 

Phishing Attacks

Attackers will send you an email or text message that appears to be from a legitimate company, such as your smart home manufacturer or service provider. The message will likely contain a link that takes you to a fake website where you are prompted to enter your personal information, such as your username and password. Once the attacker has this information, they can gain access to your smart home devices and data.

 

What Should You Do if a Smart Home Breach Occurs?

Change Passwords

Change the passwords for all of your online accounts, especially any that are linked to your smart home devices. This includes your email, social media, and any other accounts that might be connected to your smart home in some way. It’s also a good idea to keep an eye on your credit report and bank statements for any suspicious activity.If you notice anything out of the ordinary, be sure to report it to the proper authorities.

 

Factory Reset Your Devices

 If you’re really worried about someone gaining access to your smart home devices, you can always factory reset them and start from scratch. While this may be a hassle in the short-term, it’s worth it if it means protecting your data and keeping your family safe.

 

Report the Incident

Reach out to your smart home’s customer support line and let them know what happened. They may be able to help you troubleshoot the issue and prevent it from happening again in the future. They may also have additional steps for you to take or may be able to help you remotely disable any malicious functionality that has been added to your devices.

 

How to Prevent Smart Home Breaches?

Reach out to your smart home’s customer support line and let them know what happened. They may be able to help you troubleshoot the issue and prevent it from happening again in the future. They may also have additional steps for you to take or may be able to help you remotely disable any malicious functionality that has been added to your devices.

 

Create Strong Passwords for Your Smart Devices

Setting a strong password for your smart device and your network can help keep your data safe and secure.

 

Use a Private Wi-Fi Network to Connect to Your Smart Home

You should also avoid using public Wi-Fi networks to connect to your smart home as these are often unsecure. Public wifi networks are often unencrypted, which means that anyone can listen in on the data being sent back and forth. This includes passwords, credit card information, and more. Ideally, you would use a private Wi-Fi network with a strong password. If you must use public Wi-Fi, make sure to use a VPN (virtual private network) to encrypt your data.

 

Update Your Device’s Software Regularly

To help combat breaches, it’s important to keep your smart devices’ software up-to-date. Manufacturers often release updates that patch security vulnerabilities, so by keeping your software updated, you’re helping to protect yourself from potential breaches and closing any potential security holes that could be exploited by malicious actors.

 

How Can Smart Home Breaches Affect My Business?

If you’re a business owner, it’s important to be aware that smart home breaches can affect you as well. For example, if an employee’s smart home is breached, the attacker could gain access to sensitive company data. To prevent this from happening, businesses should have strict cybersecurity policies in place, and employees should be trained on how to keep their smart devices secure.

If your business uses smart devices around the office, it’s important to take the right precautions to avoid a smart device breach. Make sure that all smart devices are password-protected and that only authorized employees have access to them. You should also have a cybersecurity plan in place in case of a breach. This plan should include steps for how to identify and fix the issue, as well as how to prevent future breaches from happening. You should also prioritize educating your employees on smart device security and best practices, as well as how to respond if a breach does occur.

 

How a Managed IT Service Provider Can Help

If you’re not sure where to start, a managed IT service provider can help you create and implement a cybersecurity plan. They can also provide guidance on smart device security and help you troubleshoot any issues that arise.

Contact us today to learn more about how we can help keep your business and home safe from breaches.