Human resources and finance departments are major targets for hackers, and the threat is on the rise. Phishing attacks, or the use of authentic-looking emails to gather sensitive information, are getting more sophisticated over time. Hackers are studying the writing styles of executives on LinkedIn and Facebook and will “do everything that they possibly can do to look like an executive” in a phishing email, says E.J. Whaley, a solutions engineer at GreatHorn. “HR is definitely at the top of the list in terms of areas of interest for an attacker because of the types of data that they have access to.” The uptick in the sophistication of phishing attacks goes beyond mimicking the CEO. Employee data is more valuable to hackers than customer data because it may include Social Security numbers, dates of birth, names of dependents, and other valuable pieces of data, says Eva Casey-Velasquez, CEO at the Identity Theft Resource Center. The growing appetite for that kind of information is putting HR databases at higher risk. Unlike consumer data breaches that can be remedied by changing payment card information, dates of birth and dependents’ names do not change often. These types of breaches can cause significant damage, Casey-Velasquez says.
Read the full article on searchhrsoftware.techtarget.com.
Photo Credit: via searchhrsoftware.techtarget.com