The Latest Phishing Scams to Emerge Due to the “New Normal”

In the “new normal,” many companies have completely shifted to a remote working environment or have adopted a hybrid model. With this shift, employees are being faced with an increase in online meetings, emails, and chat messages from colleagues. Although this digital workplace has been proven to increase productivity levels in employees, according to a recent Popular Science article, companies are experiencing an increase in cyber attacks and phishing scams, including the newest iteration of the “Nigerian Prince” scam.  

Popularly known as the “Nigerian Prince” scam, hackers will lure email recipients in by stating that they are royalty and will offer a large sum of money or a major investment opportunity. They will ask for their bank account number to transfer money into or smaller advance payment to cover a wire transfer. However, when someone provides their bank account number, they will drain the victim’s bank account. Although many are now familiar with this scam, the newest version of the scam is adapting to the pandemic, which includes fake emails from:

• Human Resources: Often, these will be concerning the company’s COVID-19 regulations that force employees to log in or click on a link that will launch a malicious cyber attack.
• The CEO: Requesting that they transfer funds or purchase products that will enable fraudsters to receive bank account information.
• Vendors: The fraudster will create an invoice that is identical to a real vendor’s invoice and request payment information.

According to the article, businesses lost nearly $3 trillion worldwide in 2019, due to these scams. Prof. Regner Sabillon, et. al. from Universitat Oberta de Catalunya, Barcelona, Spain, outline how businesses can properly educate their employees and protect their businesses from these malicious attacks in their article, “An Effective Cybersecurity Training Model to Support an Organizational Awareness Program: The Cybersecurity Awareness TRAining Model (CATRAM),” in Journal of Cases on Information Technology (JCIT) (IGI Global). View the article below:

Journal of Cases on Information Technology (JCIT) Est. 1999| Published: Quarterly | ISSN: 1548-7717| EISSN:1548-7725 This publication e publishes comprehensive, real-life teaching cases, empirical and applied research-based case studies, and case studies based on individual, organizational, and societal experiences related to the utilization and management of information technology. Cases published in JCIT deal with a wide variety of organizations such as businesses, government organizations, educational institutions, libraries, non-profit organizations, and so forth...Learn More.

A good Cybersecurity Awareness Program must include adequate training that is aligned with the organization’s objectives, the focus to raise cybersecurity awareness while performing employee’s duties and an interactive communication between all stakeholders for any cybersecurity matter.

Awareness programs may fail if they are not designed to change people’s behavior and likewise if a positive impact on any organization cannot be achieved. A cybersecurity awareness program is a corporate long-term investment that will help to create a cybersecurity culture if training is delivered on a continuous basis. A more aggressive vision of the awareness aim is to go beyond the prevention of cybersecurity incidents.

We believe that the proposed Cybersecurity Awareness TRAining Model (CATRAM) can represent a solid foundation for the implementation of any organizational cybersecurity awareness program. CATRAM can also review any awareness training model that is consistent and updated with the current cyberthreat landscape.

Despite enough cybersecurity measures, employees continue to be the weakest link in cybersecurity. Staff are directly connected to financial losses related to data breaches and cybersecurity incidents (Pendergast, 2016).

Cano (2016) emphasizes that one of the consequences of current information security training methodologies is the “Bottom-up delegation”; this scenario does not allow end users to practice freedom and autonomy when it comes to data protection but instead follow and abide certain organizational information security policies.

According to the Gartner Magic Quadrant (2016) for Security Awareness Computer-Based Training where leaders, visionaries, challengers and niche players are positioned. The Leaders are SANS Institute, Wombat Security Technologies, PhishMe, MediaPro, Security Innovation, Inspired eLearning, Terranova WW, PhishLine, Global Learning Systems, The Security Awareness Company; Visionary vendors are Popcom Training and Security Mentor; Challenger vendors are BeOne Development, KnowBe4 and Optiv Security and last but not least are niche players like Junglemap, Digital Defense, Symantec (Blackfn Security) and Secure Mentem.

According to the Global Security Awareness Report from SANS (2017), time and communication were identified as the critical takeaways to a thriving awareness program. The findings highlighted poor communication to engage people, the problem of time and lack of resources being assigned to a corporate awareness program. The participants reported that they implemented awareness and behavior change (54.6%), had a compliance awareness program (27.1%), achieved long-term sustainment and culture change (9.8%), defined a program with robust metrics (0.9%) and did not have a cybersecurity awareness program at all (7.6%).

Symantec (2014) argues that poorly trained personnel increases the risks of disclosure and loss of sensitive data like Personal Identifiable Information (PII) and Intellectual Property (IP). Its Security Awareness Program reduces vulnerabilities by creating a corporate culture and train employees to protect any organization critical assets from cyberattacks, exploitation, fraud and unauthorized access. The main topics of Symantec’s training program are information security, threats, vulnerabilities, countermeasures, securing the workplace, securing mobile users, protecting Internet information, social media mobile device security.

Understanding that the latest research around cybersecurity is of the utmost importance, the latest research covering cyber attacks, phishing scams, and more is found in the Journal of Cases on Information Technology (IGI Global), edited by Prof. Andrew Borchers, from Lipscomb University, USA. This title publishes comprehensive, real-life teaching cases, empirical and applied research-based case studies, and case studies based on individual, organizational, and societal experiences related to the utilization and management of information technology. Cases published in JCIT deal with a wide variety of organizations such as businesses, government organizations, educational institutions, libraries, non-profit organizations, and so forth.

It is currently available in electronic format (EISSN: 1548-7725) and print (ISSN: 1548-7717) format through IGI Global’s Online Bookstore. To support customers in easily and affordably obtaining this journal, IGI Global is now offering an automatic 50% discount* on all 2021 e-journal subscriptions directly through IGI Global’s Online Bookstore. Additionally, enjoy a 20% discount on all other products and formats. This discount is also being offered through all major journal subscription agencies, including EBSCO Subscription Services, LM Information Delivery, Otto Harrassowitz, WT Cox Information Services, and more.

This publication is also featured in IGI Global’s InfoSci-Journals, a database featuring 27,000+ articles with over 1,000,000 citation references. InfoSci-Journals hosts key features such as full-text PDF and HTML format, no DRM, unlimited simultaneous users, and no embargo of content (research is available months in advance of the print release). Spanning across 350+ topics in 11 core subject areas, including computer science, education, media and communications, social sciences and humanities, and more, this robust research database is ideal for academic and research institutions.

Additionally, when a library invests in IGI Global’s InfoSci-Journals database, they can take advantage of IGI Global’s Open Access (OA) Fee Waiver (Read and Publish) Initiative to provide their institution with an additional source of OA article processing charge (APC) funding. Through this transformative initiative, IGI Global matches the library’s investment with a fund of equal value to go towards subsidizing the OA article processing charges (APCs) for their faculty patrons at that institution when their work is accepted under OA into an IGI Global journal.*

Be sure to subscribe or recommend this publication or the InfoSci-Journals database to your library to have access to this critical content.

Interested in submitting an article for consideration to JCIT? View the Call for Papers here, or contact Dr. Andrew Borchers at JCIT@igi-global.com.

Featured Publications Surrounding This Topic:

Learn More Recommend to Library Encyclopedia of Criminal Activities and the Deep Web Mehdi Khosrow-Pour D.B.A. (Executive Editor, IGI Global, USA) Copyright: 2020| Pages: 1,162 | ISBN: 9781522597155 | EISBN: 9781522597162 This title is a three-volume set that includes comprehensive articles covering multidisciplinary research and expert insights provided by hundreds of leading researchers from 30 countries including the United States, the United Kingdom, Australia, New Zealand, Germany, Finland, South Korea, Malaysia, and more. This comprehensive encyclopedia provides the most diverse findings and new methodologies for monitoring and regulating the use of online tools as well as hidden areas of the internet, including the deep and dark web. Highlighting a wide range of topics such as cyberbullying, online hate speech, and hacktivism, this book will offer strategies for the prediction and prevention of online criminal activity and examine methods for safeguarding internet users and their data from being tracked or stalked.

Learn More Recommend to Library	Safety and Security Issues in Technical Infrastructures Prof. David Rehak (VSB – Technical University of Ostrava, Czech Republic) and et. al. Copyright 2020| Pages: 499| ISBN: 9781799830597| EISBN: 9781799830603 This title is a pivotal reference source that provides vital research on the modernization of occupational security and safety practices within information technology-driven buildings. While highlighting topics such as explosion process safety, nanotechnology, and infrastructural risk analysis, this publication explores current risks and uncertainties and the raising of comprehensive awareness for experts in this field. This book is ideally designed for security managers, safety personnel, civil engineers, architects, researchers, construction professionals, strategists, educators, material scientists, property owners, and students.

Learn More Recommend to Library	International Journal of Cyber Warfare and Terrorism (IJCWT) Profs. Graeme Pye (Deakin University, Australia) and Brett van Niekerk (University of KwaZulu-Natal, South Africa) Est. 2011| Published: Quarterly| ISSN: 1947-3435| EISSN: 1947-3443 This title publishes original innovative findings on ethical, political, legal, and social issues relating to security and cybernetic wars. This journal focuses on cyber warfare and terrorism using examples from around the world. IJCWT covers technical aspects, management issues, social issues, and government issues that relate to cyber warfare and terrorism.

Learn More Recommend to Library	International Journal of Cyber Research and Education (IJCRE) Prof. Lawrence A. Tomei (Robert Morris University, USA) Est. 2019 | Published: Semi-Annually | ISSN: 2577-4816| EISSN: 2577-4824 This title is a high quality, peer-reviewed journal that covers applied, theoretical, and operational research, sponsored academic education and corporate training, and the application to knowledge in academia, government, corporate, and law enforcement. The journal will provide a unique place for scholars and practitioners to address emerging cyber and law enforcement challenges which are growing in scope and urgency as countries around the world are becoming increasingly dependent on digital information and networks. The journal is committed to providing quality empirical research as well a scholarship grounded in real-world implications and solutions.

Disclaimer: The opinions expressed in this article are the author’s own and do not reflect the views of IGI Global.

About IGI Global: Founded in 1988, IGI Global, an international academic publisher, is committed to producing the highest quality research (as an active full member of the Committee on Publication Ethics “COPE”) and ensuring the timely dissemination of innovative research findings through an expeditious and technologically advanced publishing process. Through their commitment to supporting the research community ahead of profitability, and taking a chance on virtually untapped topic coverage, IGI Global has been able to collaborate with over 100,000+ researchers from some of the most prominent research institutions around the world to publish the most emerging, peer-reviewed research across 350+ topics in 11 subject areas including business, computer science, education, engineering, social sciences, and more. To learn more about IGI Global, click here.

Newsroom Contact
Caroline Campbell
Marketing Manager
ccampbell@igi-global.com
(717) 533-8845, ext. 144
www.igi-global.com/