PLDT and its wireless unit, Smart Communications Inc. (Smart) warn companies that hackers continue to target employees to breach their cyber defenses. 

Employing the age-old — but tried and tested — social engineering strategy, cybercriminals will trick end-users into either opening a link from an email or giving out important information to break into the network.

“Vigilance is key,” said Angel Redoble, FVP and CISO of the PLDT Group. “Cybercriminals take advantage of the employee’s carelessness to steal credentials which they will use to infiltrate the company’s digital assets. This is why it is important for organizations to adopt a culture of cybersecurity.”

PLDT, Smart intensify cybersecurity drive with vendors
PLDT, Smart cybersecurity investment advocates holistic approach

Quoting a report by Romanian cybersecurity technology company Bitdefender, PLDT and Smart’s Cyber Security Operations Group (CSOG) said hackers will go after employees 99% of the time. This could be executed through phishing emails, vishing or smshing that mimic legitimate communication materials or messages from a known company.

PLDT and Smart share tips on how to protect companies from these attacks.

• Interact only with people you know. Open trusted applications and websites. Remember, never open emails from strangers or click links from dubious senders.
• When prompted, update applications and operating systems installed in your devices to get the latest security patches that will address known vulnerabilities. But CSOG warns users to click legitimate alerts from their developer’s official platforms.
• To add another layer of protection, CSOG encourages users to enable multi-factor authenticators (MFA). This feature also alerts users when suspicious personalities are trying to access accounts from unknown devices or locations. Remember, never share your One-time Passwords or OTPs with anyone.
• CSOG suggests using strong and long passwords or a combination of special characters, upper and lowercase letters, and numbers. CSOG also reminds internet users to use different passwords for different accounts and to change them regularly.