Bruce Schneier has an interesting article today about impersonation. In this case it is bad actors abusing havard.edu email addresses.
Using Fake Student Accounts to Shill Brands – Schneier on Security
Impersonation is a real threat to any business, that does not have clear policies and procedures, and clear lines of communications, for all members of staff, top to bottom. We have had to deal with a variety of incidents where impersonation of staff members, via email or phone/text messages, has lead to business compromise. Often the impersonations are of senior people in the organisation, and the communications are to subordinate members of the team to carry expensive instructions.
Sorting things out afterwards can be difficult and expensive – doing it before you have a problem is common sense.
If you are struggling to create framework for a secure organisation we have common sense training and paperwork solutions that can be scaled depending on your size and risk appetite.
Clive Catton MSc (Cyber Security) – by-line and other articles