Increased Phishing Activity Bulletin – Dewpoint

Increased Phishing Activity Bulletin

This security alert bulletin is to advise you of an increase in phishing activity noted by several Dewpoint clients. 
To reduce the risk of being a victim we recommend organizations adhere to good IT security practices specifically in the areas of username and password management.

To reduce becoming a phishing target, stress to your staff the importance of NEVER putting credentials into an online form from, linked or attached document unless they are absolutely 100% sure of the security and legitimacy of the site requesting the credentials.

If you fall victim to a phishing attack the following steps will help reduce the risk to your organization:

  1. Implement good Identity management practices
    1. Each user has their own account
    2. Accounts are not shared among users
    3. Permissions for accounts align and limited to the need of the user to perform their job
  2. Passwords management practices are implemented
    1. Passwords are changed on a regular basis
    2. Passwords adhere to complexity rules
  3. Functions requiring elevated privileges have their own accounts and are used only when the user is performing those functions

In addition, organizations should investigate the feasibility of implementing multi-factor authentication to reduce the risk of a malicious actor being able to impersonate a valid user through a compromised account.

If you need assistance ensuring your data and users are secure, contact Dewpoint.

Knapp's Centre, Suite 200
300 S. Washington Square
Lansing, Michigan 48933
Phone: (517) 316-2860

333 Bridge Street NW Suite 505 
Grand Rapids, Michigan 49504
Phone: (517) 316-2860

805 Oakwood Drive, Suite 108
Rochester, Michigan 48307
Phone: (248) 413-6108