They can destroy a business. They can destroy reputations. They can destroy lives.
Catastrophic data breaches are serious events that can claim so much, but yet they often begin with a simple, split-second decision.
That’s what makes urgency tactics so successful. They play on a process in the human brain that exists to create safety. When pressured to make a quick decision, the brain strives to simplify things. The point is to relieve the pressure and get a person out of a difficult situation as quickly as possible.
So, when a hacker presents a situation with time pressure, the brain kicks into gear. It’s hoping to make things better, but what happens is things get worse.
But you can empower users, and the time to do it is NOW.
Proactive Steps
Research clearly shows just how successful hackers are with the urgency tactic, but there are steps that can be taken. If we’re persistent, we can let the clock run out on the hackers.
The battle against cyber threats isn't just about having the latest tech. It's about building a fortress-culture of cybersecurity, supported by the pillars of recurring education, rock-solid policies, and high-alert awareness:
- Educate: If users are aware of this tactic and the many shapes it takes, they’ll be able to spot it even when feeling pressured. Make cybersecurity training a regular event. Keep users in the loop with the latest threats and prevention methods, and ensure cybersecurity isn't just a once-a-year, tick-box exercise but a living, breathing part of their work. Send users examples of the urgency tactic and give them a chance to practice saying NO to it before they face an actual hacker.
- Present policies: Use simple, jargon-free policies to set the expectations for secure behavior. Cover all your bases from password protocol to resource usage and make reporting a suspicious incident as easy as pie.
- Create a Culture of Awareness: Make cybersecurity everyone's responsibility. Regular briefings, visible reminders, and even gamified learning experiences can ensure security remains at the forefront of everyone's mind.
- Present Options: Part of the culture of awareness involves reminding users that they control their time, and that no matter what a hacker tells them options exist. So, if they take a moment to breathe, they can plan their response that makes sense.
Identifying Scams:
While the urgency tactic may be highly effective, it’s not perfect and you can alert your users to some of the outstanding traits to look for when urgent requests arrive:
- Watch for Oddball Requests: Hackers love to make the abnormal seem ordinary. Teach your users to be detectives, scrutinizing every out-of-the-ordinary request that enters their inbox. A hurried email from the CEO requesting an unusual wire transfer? That's a prime candidate for the “urgency” trick.
- Question the sender: Using a fake identity, especially someone in a position of power like a boss or bank manager, helps hackers to create a sense of urgency and authority. When your 'bank' sends an urgent request, don't leap before you look. Teach your users to verify, verify, verify. Check the source independently, and never use contact information provided in the suspicious message itself.
- Look for Language Hints: Phishing messages often scream their truth through bad grammar, atrocious spelling, or a strangely formal tone. Educate your users to treat these as the red flags they are.
Urgency is a psychological master key, unlocking rash decision-making and silencing our ordinarily cautious selves. When it comes to cyber threats, this hurried mindset is gold for hackers, pushing users to cough up sensitive data without a second thought.
Time To Change The Locks
It’s time to take away this master key and change the locks. Hackers are master manipulators, using urgency to pull the strings, but having conversations with your clients about what is going on out there and getting them to think critically about their security goes a long way in keeping them safe and engaged in their security journeys.
Let’s create a culture of security and tell hackers that our businesses, our reputations and our lives are off-limits!!!
Galactic can help you get this conversation going and give you an easy plan for success.
