Cyber Chat Episode 10 – The pay rise and brexit cyber scam
In episode 10 Rob May describes 3 classic cybersecurity scams your employees could be falling victim to: the pay rise, Brexit and Christmas bonus scams.
Managing the ongoing cybersecurity of your IT infrastructure should be a primary concern, whatever the shape or size of your organisation. Cybersecurity breaches are among the most serious threats in today’s business landscape. Incidents come in many forms: cyber attacks; laptops left on trains; malicious staff; or, even more simply, accidental data loss caused by human error. The human firewall is vital as a line of defence for any organisation, and in this video Rob, author of The Human Firewall (available on Amazon), explains how these scams exploit staff and what the Human Firewall is.
Cyber Chat – Episode 10 – video transcript
Hi, I’m Rob May, I’m MD of ramsac and welcome to Cyber Chat. Today, I want to talk to you about a couple of things really. The first issue is Excel macros. So, quite a lot of cyber attacks are perpetrated through Excel macros. And if you use Microsoft Excel, I’m quite sure that at some point you’ve had a message that pops up to say do you want to enable macros? Well, a macro is just a list of instructions, normally to copy data from one data source to another or to update a data sheet. But a macro could be any form of instructions, including download an executable from a website and run it on your device. So, the first tip is that your IT guys should be disabling Excel macros for the majority of your users. If I look at any business, most of the users within the business don’t need macros. So, you can disable those, and that can be done globally using something called group policy, just to make that automated, and you create a group of people who can use macros. So that’s the first thing.
The second thing is a series of scams, which are all in effect the same scam, and they use a combination of Excel macros and spoofed emails. So, the first one is called the pay rise scam. So, if you imagine, the way this works is an email is sent supposedly from one director in a business to another director and it’s accidentally copied into all staff. So, you imagine you come into work tomorrow and there is an email from Susan to John, saying “John, ahead of our board meeting on Monday, here’s an Excel spreadsheet showing all the proposed staff pay rises.” So, there’s an Excel spreadsheet, everybody’s got it, and staff think oh my goodness, I didn’t know we were getting a pay rise! And it only takes one person to open that spreadsheet and say yes to enable macros for you to have a big problem. And you know, it’s human nature. Because firstly people are going to want to know that they are getting a pay rise, and secondly, they might want to know what their colleagues are earning, and it’s really clever.
The second one, and it’s the same scam, is called the Brexit scam. (Not that Brexit scam, the other one.) On this one, it’s the same thing again. So, there’s an email in your inbox when you come into work from Sue to John and it says “ahead of our directors meeting on Monday, here’s an Excel spreadsheet showing all the proposed post-Brexit redundancies.” And again, human nature: people are going to think oh my goodness, I didn’t know that we were going to have any redundancies, and is my job safe, and so on. So, really clever in terms of being able to get somebody to click on that link and open it, and if they choose enable macros then that’s when the cyber attack gets its payload.
Third variant of it, which around the Christmas season is very popular, is exactly the same email from Susan to John, accidentally copied into all staff: “ahead of our board meeting on Monday, here’s an Excel spreadsheet showing all the proposed staff Christmas bonuses.” And so, it’s exactly the same scam, but we see lots and lots of different variants and you just need to be aware of it.
There’s a study that Harvard University did that showed that an intelligent person needs to hear something 6 times before they get it. And I think that’s particularly true of, well, all communication, but just thinking of the Brexit scam. I had an example where we had a client who had been hit by the Brexit scam. I then had lunch with the managing director of a client of ours, and I told him about it, that it had happened that morning, and he said that’s terrible, he said could you write me an email that I could share with the staff? So, I wrote an email, which he sent as if it was from him, telling his staff all about the Brexit scam. Now, this client also has an internal newsletter, so, a couple of weeks later, this was the front page story on the newsletter that everybody received. And a few weeks after that I was in the client, delivering some staff cyber briefings. And I included a slide that talked about this Brexit scam, knowing full well that over the period of the last month, all staff had received an email from the managing director and they’d received a newsletter. And I showed the slide, and I was doing a series of training over a number of days. But in total, I shared this message with 130 staff in this organisation and I asked everybody (after I’d explained it), out of interest, you know, who was aware of the Brexit scam. And only 3 people out of 130 staff knew about it. And the thing is, if it’s not your world, just delivering the message once, and if it’s not something you’re interested in, delivering the message once, the message just doesn’t get home. You’ve got to keep at it and you’ve got to do it at least 6 times. You’ve got to keep telling people about these problems so that they get it and they understand it and they’re aware. So, that’s it: the Brexit scam, the pay rise scam, the Christmas bonus scam. I’m sure there will be other variants of it, but be aware, stay safe and I look forward to speaking to you again soon. Thank you.
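The two ingredients Rob describes, a spoofed "internal" sender and an Excel attachment that carries a macro, can both be checked mechanically before the lure ever reaches an inbox. The script below is an added example written for this page, not code from ramsac or from the video: it builds a constructed copy of the "pay rise" lure (director to director, copied to all staff, spreadsheet attached), then scans it. The macro check looks for the `xl/vbaProject.bin` entry that Office writes into an OOXML workbook when it contains VBA, and treats legacy OLE2 `.xls` files as macro-capable because they cannot be cheaply told apart. The sender check is a simple heuristic: the From header claims the organisation's own domain while the envelope sender (Return-Path) comes from somewhere else. The internal domain `example.com`, the external mailer domain, the file name and the placeholder VBA bytes are all assumptions made for the example.

```python
"""Flag macro-bearing Excel attachments and spoofed internal senders.

Added illustration for this page (not ramsac's or Rob May's code).
Assumptions, marked in comments: the organisation's domain is example.com,
and the message and workbook below are constructed, not real captures.
"""
import email
import io
import zipfile
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.com"   # assumption: the organisation's own mail domain
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # header of legacy .xls (OLE2 compound file)


def workbook_has_vba(data: bytes) -> bool:
    """True for an OOXML workbook that contains a VBA project, or for a
    legacy OLE2 workbook (which may carry macros; flag it rather than parse it)."""
    if data.startswith(OLE2_MAGIC):
        return True
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(name.lower() == "xl/vbaproject.bin" for name in zf.namelist())
    except zipfile.BadZipFile:
        return False


def sender_looks_spoofed(msg: EmailMessage) -> bool:
    """Heuristic: From claims an internal address but the envelope sender
    (Return-Path) belongs to another domain. Real deployments would also
    consult SPF/DKIM/DMARC results rather than this header alone."""
    _, from_addr = parseaddr(msg.get("From", ""))
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    rp_domain = return_path.rpartition("@")[2].lower()
    return from_domain == INTERNAL_DOMAIN and rp_domain != INTERNAL_DOMAIN


def scan_message(raw: bytes) -> list:
    """Return a list of findings for a raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    if sender_looks_spoofed(msg):
        findings.append("spoofed-internal-sender")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""
        if workbook_has_vba(payload):
            findings.append(f"macro-workbook:{name}")
    return findings


def build_plain_workbook() -> bytes:
    """Constructed minimal OOXML container with no VBA project (not a real workbook)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
    return buf.getvalue()


def build_macro_workbook() -> bytes:
    """Constructed minimal OOXML container that does carry a VBA project entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
        zf.writestr("xl/vbaProject.bin", b"\x00" * 16)   # placeholder standing in for compiled VBA
    return buf.getvalue()


def build_sample_message(attachment: bytes) -> bytes:
    """Constructed lure in the shape the transcript describes: one director to
    another, 'accidentally' copied to all staff, spreadsheet attached."""
    msg = EmailMessage()
    msg["From"] = "Susan <susan@example.com>"
    msg["To"] = "John <john@example.com>"
    msg["Cc"] = "all-staff@example.com"
    msg["Return-Path"] = "<bounce@mailer.example.net>"   # assumption: envelope sender is external
    msg["Subject"] = "Proposed staff pay rises - board meeting Monday"
    msg.set_content("John, ahead of our board meeting on Monday, here are the proposed pay rises.")
    msg.add_attachment(attachment,
                       maintype="application",
                       subtype="vnd.ms-excel.sheet.macroEnabled.12",
                       filename="pay_rises.xlsm")
    return bytes(msg)


if __name__ == "__main__":
    print(scan_message(build_sample_message(build_macro_workbook())))
```

Run stand-alone, the script reports both findings for the constructed lure and nothing for a plain workbook from a genuine internal sender. A gateway check like this complements, rather than replaces, the endpoint control the transcript recommends (macros disabled by group policy for everyone outside a small allow-listed group), because the same spreadsheet can arrive via a link or a file share instead of an attachment.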