Insignia Financial CFO says staff should be fired if they click on suspicious work emails – and frequently test them by sending fake messages
The boss of a major financial firm says employees should be fired if they are caught clicking on spam emails too often.
Frank Lombardo, chief operations and technology officer at Insignia Financial, said businesses increase their chances of falling victim to a major hack if staff are unaware of the risks.
He said employees who repeatedly fail security tests, such as by clicking on fraudulent emails, are expected to potentially cost workers their jobs.
Employees who click on questionable emails appearing on their work email should be fired, says boss of major financial firm
“You have to recognize that if you’ve done everything you can and there’s a weakness, and it’s at the human level and the human just doesn’t understand, then you have to take appropriate action.” , said Mr. Lombardo told the Australian Financial Review.
“It can even lead to performance management and the departure of people who just don’t get it,” he said.
Mr. Lombardo said this is all part of educating workplaces about their preparedness against hackers and other forms of online criminal activity.
He said he tests his staff almost every day by sending emails designed to impersonate hackers and forms of questionable emails.
It’s an exercise that gives experts like Mr. Lombardo an idea of who is likely to click on emails and other forms of phishing attacks.
Phishing is a form of online hacking that tricks users of electronic devices such as phones and computers into clicking on a link and downloading software.
It then allows hackers to access users’ personal information.
Hackers often target workplace email addresses to access employees’ personal information and have carried out a series of cyberattacks against several major Australian companies.
In 2022, hackers stole the private data of 30,000 current and former Telstra employees.
Nearly 10 million Australians had their personal data stolen when a hacker infiltrated the systems of telecommunications giant Optus and plundered the details of its current and former customers, in a separate attack.
Around the same number of Australians also had their data breached, after Russian hackers accessed the personal information of current and former customers of insurer Medibank.
Frank Lombardo (pictured), director of operations and technology at Insignia Financial, said he tests his staff almost every day to see if they click on the phishing emails.
Westpac Group Chief Information Security Officer Richard Johnson said these types of breaches are the biggest threats businesses face.
“For the average employee in an organization, the biggest threat they are likely to face each day will be in their inbox – something that could have slipped through multiple layers of defense,” Mr. .Johnson to the newspaper.
He said Westpac staff receive at least one phishing email a month and if employees click on that email, another is directed to the employee to see if they click again.
Some employees may then have their internet access restricted if they are unable to recognize a fraudulent email.
Businesses are boosting their security and preparedness against cybercrime after hackers stole the data of millions of Australian Telstra and Medibank customers in major breaches.
Experts say the best defense against hacks is for staff to adhere to cybersecurity preparedness by being aware of potential threats, rather than businesses relying on improved security technologies.
The latest report from competition watchdog the ACCC estimates Australians have lost more than 3 billion dollars in a series of online and digital scams in 2022 alone.
More than $24 million has been lost to phishing scams.