Tag archives: Email

You’re Uninvited: Managing Unauthorized Third Party Access

Most people would not bring along a group of uninvited strangers to a dinner party or, even worse, a wedding. Society has certain expectations around attendance, guest lists, RSVPs, and the like.  And yet, in the digital realm, these social norms may not have the same effect.   What can be done about digital party crashers?  In particular, how can the owner of a social network ward off competitors who seek access to network content by riding users’ coattails?… Continue Reading

Social engineering fraud

What is social engineering fraud?

Social engineering fraud is defined as the art of influencing people to disclose sensitive information or granting the fraudster unauthorized access. As opposed to exploiting a secure computer system to access information, criminals are now exploiting a person’s trust through avenues such as email, social media, and mobile apps. While social engineering fraud could involve the classic “advance-fee scam” such as when a vulnerable individual is tricked into sending money to a “prince” in a foreign land, there has been a rapidly increasing amount of sophisticated scams, such as Business Email Compromise (BEC) scams that … Continue Reading

NLRB to reconsider legality of employer email use policies

The National Labor Relations Board (“NLRB”) is reconsidering whether companies may lawfully maintain policies that prohibit employees from using company e-mail and electronic communications systems for personal use.

In 2007, the NLRB ruled that employees have no statutory right to use their employer’s e-mail system for Section 7 purposes. Section 7 protects an employee’s right to form, join, or help a labor union and the right to engage in other group activities intended to improve working conditions, such as pay, hours, safety, or workload. These protections apply in unionized and non-unionized workplaces.

The NLRB’s General Counsel has urged the Board … Continue Reading

Passwords & Social Media

An employee’s personal social media page may offer prospective hackers a backdoor into company protected information. Many companies are moving towards lengthy and complex passwords, which has placed additional strain on password recovery procedures.

Many of these “forgot password” security procedures ask for pseudo personal information such as a user’s high school mascot or mother’s maiden name.

Social media, however, can make this type of information readily available to the nefarious and arguably low-tech hacker. In the case where Governor Sarah Palin’s e-mail account was hacked, the indictment claimed that the hacker required just 45 minutes to locate the information … Continue Reading

LexBlog