Let’s look at a scenario of an organization being targeted for a breach.
Tuesday 3:20 pm A fake but very realistic email is sent to the ten executives on the company’s management team from what appears to be the CEO of a medium-sized manufacturing firm. The email is titled, “Please review this before our meeting,” and it asks them to save the attachment and then rename the file extension from .zip to .exe and run the program. The program is a plug-in for the quarterly meeting happening that Friday, and the plug-in is required for viewing video that will be presented. The CEO mentions in the message that the executives have to rename the attachment because the security ...