This is the type of year that cyber criminals dream of. There are so many huge national and world events happening in 2012, and we know that the bad guys like using events and situations that generate a lot of news and a lot of interest. Hence, with a second half of 2012 that involves a major European soccer event, a presidential election and the summer Olympics, you can also expect to see a lot of scams and a flood of malware attacks. This is especially so as more sporting events and campaigning is done via the Internet.
Like it or not, your employees are going to sneak a peek at the Olympic Games and soccer matches and maybe check on the latest political news on their work computers. It is going to be up to you to make sure they know what is legitimate and what could end up infecting your network.
Karine de Ponteves, a FortiGuard AV analyst, said we should expect to see an increase in things like fake lotteries, purchase fraud (phony ticket prices) and rogue AV hitting popular sites to check scores or to get updates. Also expect to see an influx of infected video links and phishing schemes.
You might think that your fellow staff members know enough not to fall for these scams. But there is a reason why phishing schemes and scams are still prevalent: People continue to fall for them. And with the ever-blurring line between home and office computing these days, you have to assume that your network is at risk from employee behavior, no matter where or how or what device is accessed.
Alex Fitzgerald at Mashable printed four tips on how to protect your network. They are simple, straightforward tips, like better passwords and risk management. But I want to emphasize items two and three: mobile device education and social media education. He breaks them out to give better focus for each, but I think he could have added social engineering education. As we move into a busy media season, this would be a good time to reinforce some basic security education - not only what to look for but also explaining how falling for schemes or clicking on malicious links can end up hurting both the employee and the company.