You keep your system firewalls current with regular updates and a switched-on IT provider. What about the human factor?
Scammers using social engineering can fool organisation leaders and team members into revealing key data. Just as people become wise to one technique, scammers develop another. They rely on people being friendly, helpful or naïve. Raise the subject regularly in team meetings to alert your team to scams and strategies to block them.
For instance, ‘pretexting' is a scam where the scammer pretends to be a genuine contact to obtain sensitive data:
- A caller says they’re from the organisation's IT consultant and asks for login details because they’re doing ‘routine maintenance’ and need remote access
- A contact comes through social media as a prospect interested in what the business offers, lulling you into revealing sensitive information
- Team member get an email asking them to purchase some gift cards and then reply back with the details
Run scenarios with your team. Learn to take a minute. Think. Who do you call to verify the contact is genuine? Your in-house IT Manager, your IT consultant or your Organisation Manager? Put procedures in place to safeguard what information is given out, when and to whom.
"Great overview, very interesting to see it all broken down." "I will implement the knowledge and share it with my non-profit committees. I look forward to attending the next workshop"
