Liberty, in collaboration with cyber security advisers NCC Group, has developed a report that provides an overview of recent social engineering developments and some practical tips on how investment managers can protect their firms from these manipulation techniques.
This includes identifying:
- common forms of social engineering including phishing, vishing, smishing, pretexting and business email compromise
- defensive actions that can be taken to help staff detect attempts at social engineering
- protective business processes that can be applied including call backs, transfer verification and transaction anomaly reporting
- organisational technical controls such as multi-factor authentication, passphrases and email verification controls
- how to respond to a social engineering attack, including preparation, detection, containment and post-incident activity.
This trending topics paper shines a light on one of the most significant threats that investment managers face, and is a good practical reminder of steps that can be taken to reduce risk.
Share this article
Downloads
AP0773_Liberty_PFR_Social_Engineering_AP_Summary_web_v2.5.pdf
