Top firms stress vigilance during National Scam Awareness Week

National Scam Awareness Week is gaining momentum, with leaders in the cybersecurity industry highlighting the urgent need for heightened vigilance and robust security measures.

Executives from prominent security firms Qualys, SailPoint, and CyberArk have voiced their concerns and provided critical insights into the evolving landscape of cyber threats.

Sam Salehi, Managing Director for Qualys Australia and New Zealand, emphasised the increasing sophistication of scams enabled by artificial intelligence (AI) and deepfake technology.

"With AI and deepfakes enabling increasingly convincing scams - from fake job ads and celebrity-driven investment schemes to bogus event tickets - we're entering a zero-trust world where it's essential to question every request for personal details or money," Salehi said. "Consumers must stay vigilant and follow best practices to minimise their cyber risk."

Highlighting the broader implications for businesses, Salehi noted that companies, owing to their vast collections of personally identifiable information (PII), are prime targets for cybercriminals.

"Increasingly, businesses are prime targets due to their vast collections of PII and have a critical responsibility to safeguard this data. With scams being so convincing it isn't a matter of if they or their customers fall foul but when," he added.

Salehi called for implementing robust security measures and ongoing education to protect both customers and business operations.

Nam Lam, Managing Director ANZ at SailPoint, underscored the importance of education and prevention in combating sophisticated scams. "Initiatives like National Scam Awareness Week are especially important as education and prevention are critical to combatting increasingly sophisticated scams," he said. "But while educating individuals to spot and report scams is essential, we must also recognise that even the most vigilant among us can fall prey to evolving threats."

According to Lam, organisations play a pivotal role in protecting consumers and their personal data. "We need to ensure individuals understand and implement measures to mitigate their own risks, but organisations also play a critical role in protecting consumers and their personal data. Embracing a modern cybersecurity architecture and robust identity security measures is the strongest defence mechanism for CISOs, who most often hold the burden of blame when a breach (inevitably) occurs," Lam argued. He advocated for a collaborative approach within organisations to protect digital identities and build resilience against scams.

Olly Stimpson, Senior Security Strategy Adviser at CyberArk, linked the rise in scams and cybercrime to the need for stronger digital identity protections.

"Scams and cybercrime are becoming increasingly linked, underscoring the urgent need for robust digital identity protections - and the Digital Identity Bill is a critical step in this direction," Stimpson commented.

He pointed out the vulnerabilities posed by weak authentication methods, such as SMS one-time passcodes, which are still widely used for securing sensitive information.

Stimpson highlighted the need for corporate leaders to understand that personal scams can have direct implications for their businesses' cybersecurity posture.

"Corporate leaders must recognise that personal scams can directly impact their business's cybersecurity posture, leading to threats such as blackmail, password compromise through reuse, and impersonation fraud," he said.

Stimpson urged companies to tighten their authentication controls and educate employees on the potential risks to safeguard both personal and corporate security.