• Skip to main content
  • Skip to footer

Commonwealth Sentinel

Cyber Security for local government, non-profits and small business

MENUMENU
  • Home
  • About Us
    • Sheri Donahue
    • Leo Haggerty
    • Careers
  • Services
    • Vulnerability and Threat Evaluation
    • Transformation Management
    • CISO Management Services
    • Incident Response Management
  • News
  • Blog
  • FAQs
  • Contact Us

commonsent / February 3, 2022

Trust but Verify

When you receive an email from someone you know or an organization with whom you have been doing business, your defenses are usually down. You have known this person for a long time or you have been dealing with that company for years. Maybe it is a brand that elicits trust…Microsoft, Amazon, Apple, Verizon, etc.

However, are you sure that the person who sent that email is indeed who you think it is? Is it really Sally whom you have talked to, whose son plays high school basketball and is preparing for graduation? Poor Sally sure is gonna miss him when he heads off to college. She says in her email that she needs you to resend your company’s account info for an internal audit they’re undergoing and you know she’s been stressed about it.

Are you sure that the alert email came from Amazon? It says an order was placed on your account for 5 new iPhone 13’s and they are checking to be sure it was you who ordered them before they charge your credit card. That’s great that Amazon knows your buying habits and is trying to protect you. The email provides a link for you to easily click on and enter your credentials to submit a response that you did NOT order those phones and to make sure they do not charge your credit card on file. Whew! That was a close one.

You can sleep well tonight. You helped Sally through her company audit. She’s dealing with the stress of empty nest and this audit must be really tough for her. You’re glad you could help her out. She is a nice lady. And thank goodness the folks at Amazon are watching out for you. The charge for 5 new iPhones would have probably maxed out your credit card and you would never have known until you got the bill – and no iPhones.

Except you don’t sleep well because you have nightmares. When you wake up in the morning you realize it was not a dream. You suddenly get a sick feeling that something may not be right. As soon as you get to the office, you call Sally. That email was not from her. Then who did you send your company’s account information to? While your company CISO and her security team are tracking that down you step outside and call Amazon to ask about that charge they emailed you about. Your stomach sinks again when they tell you that there was no charge and that they did not send that email. However, there have been some new charges this morning. But you know it wasn’t you. 

The moral of the story is you never know who is on the other end of an email. Phishing emails that come from people or companies you have never heard of or worked with before are easy to spot as fake. However, the toughest ones are those that pretend to be someone you know or trust.

Don’t be afraid to double-check. Call Sally when you get an email asking for information that would be harmful to your company if you sent it to someone other than her. If you need to log in to a site as a result of an email, don’t trust the link they send you. Go to the site the way you usually would. Use the app you always use.

We have become so accustomed to the convenience of text messaging, emails, and all things automation that we allow ourselves to be tricked into becoming a victim. Take that extra minute. In the long run, it can save you many hours, money, trouble, and maybe even your job.

Filed Under: Blog

Footer

CONTACT US

COMMONWEALTH SENTINEL

1230 US Highway 127 S
Suite #5
Frankfort KY 40601
(502) 320-9885

EMAIL US

ABOUT US

Cyber security consulting for local governments, non-profit organizations, and small businesses facing the threats of the cyber world.  At Commonwealth Sentinel, we are passionate about helping people be cyber-safe!

FOLLOW US

  • Email
  • Facebook
  • LinkedIn
  • Phone
  • Twitter
  • YouTube

Copyright © 2023 Commonwealth Sentinel

We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT