To keep companies safe, senior executives must protect themselves too. Beyond personal information being at risk, company information is often just one step away from compromised accounts. According to Rachel Tobac, a hacker and the CEO of SocialProof Security, “It only takes 1 email, a 30 second call, or 1 social media DM for her to hack VIPs and gain access to your money, data, and systems.” There has never been a better time for business leaders to take control of their online security, and here are the top five ways that senior executives can protect themselves online:
One of the easiest ways for hackers to gain access to your accounts is through the use of weak, easily guessable, or reused passwords. A trusted password manager can generate strong, unique passwords for all of your accounts and store them securely. This way, you don't have to remember dozens of different passwords and can use a unique password for each account, making it much more difficult for hackers to gain access.
Two-factor authentication adds an extra layer of security to your accounts by requiring a second form of verification, such as a fingerprint or a code sent to your phone, in addition to your password. This makes it more difficult for hackers to gain access to your accounts, even if they manage to figure out your password. For the most secure authentication, avoid using SMS text messages for your second factor as SIM attacks, where a hacker steals your mobile phone number, can be used against high-value targets, such as senior business leaders.
Phishing scams continue to proliferate, enabling hackers to gain access to people's accounts. These scams typically involve an email or text message that appears to be from a legitimate source, such as a bank or a government agency, but is actually from a hacker. The message will usually contain a link that, when clicked, will lead to a fake website that looks like the real one and will ask for personal information such as login credentials. Be cautious of any suspicious email or message and never click on any links in an email or message unless you are certain of their authenticity. A good password manager will not automatically fill in your passwords if it doesn’t recognize the website—an early indicator that something is suspicious.
Your computer and mobile devices represent a conduit for hackers to gain access to your information. Make sure to keep your operating system and any installed software up to date, as updates often include security patches for known vulnerabilities. Employ any built in security mechanisms to your devices such as biometric unlock, and extra protection or encryption where possible.
As a senior executive, you are likely a known figure in some way, and your online presence visible to malicious actors. Be mindful of what you post online and make sure that the information is not sensitive or potentially damaging. Use privacy settings to limit the amount of information that is available to the public and be cautious of the social media apps you use. Hackers can use this information to try to answer security questions (What is your mother’s maiden name?) to get around two-factor authentication or password reset requests.
By taking these steps, senior executives can significantly reduce the risk of their accounts being compromised. However, it's worth noting that systems are only as strong as the people using them, and executives should always be vigilant and aware of any suspicious activity. Regularly review security settings, have an incident response plan in place, and educate your team to be aware of the common scams and phishing attempts.
In summary, keeping your online accounts safe requires a multi-layered approach. By using a password manager, enabling two-factor authentication, being wary of phishing scams, keeping your devices secure and being mindful of your online presence, you can greatly reduce the risk of your accounts being compromised. Remember, security is always an ongoing process, and it's essential to stay updated and vigilant.
It only takes 1 email, a 30 second call, or 1 social media DM for her to hack VIPs and gain access to your money, data, and systems.
Rachel Tobac executes social engineering attacks like these for a living and uses her ethical real-life hacking stories to keep VIPs and business executives up to date on the methods criminals are using. She'll break down how remote work has changed the hacker playbook, recent cyber attacks in the news, and how you can defend against the latest executive-based manipulation tactics. Her stories from the field and live hacking demonstrations throughout the webcast will keep you and your team "politely paranoid" to catch the next human hacker in the act.
Register now for the Hacker’s Guide to VIP Security webcast with Rachel Tobac, hacker and CEO of SocialProof Security. Rachel and her team help companies and people keep their data safe through pentesting and providing training on social engineering risks. In her spare time, Rachel is the Chair of the Board for the Women in Security and Privacy (WISP) nonprofit where she works to advance women to lead in the fields.