Please enter your username or email. We’ll send you an email with instructions on how to reset your password. If you have forgotten your username, did not receive the email to reset your password or need help, contact our support team.
If you have entered a correct email from our database, we will respond in 24 hours.
You can request a new account by submitting your details to your local sales centre. Upon approval, we will email you a temporary password.
Click on the link below to sign into Kyocera Connect which will take you to Account Services.
We’ve all heard about phishing attempts where an employee receives an email purportedly from the CEO, asking for the transfer of a large sum of money to an unknown account. This straightforward yet suspicious approach usually raises alarm bells and tends to be unsuccessful.
However, in this instance a transfer was seemingly being requested by a senior member of the business. It had an elaborate email chain attached to it between multiple parties within the customer estate. This went into considerable detail about an existing supplier, which had recently featured in the press regarding a takeover. As a result, according to this email, the supplier had new payment requirements. This forms a coherent and quite plausible narrative.
Fortunately, the customer was suspicious and called our cybersecurity professionals in to investigate. The team forensically went through the logs and spotted the slightest error in email address (an “e” missing) and found the email chain had been intercepted by a compromised third party hence making the chain more plausible. The team confirmed that this was a sophisticated phishing attempt, checked that there were no breaches in the customer’s IT estate and ensured no fraudulent financial transactions had occurred. The team took protective actions by scrapping the email chain from the systems to prevent further issue and blocking the suspect domains and IP addresses.
This incident demonstrates the amount of research and personalisation criminals put into making phishing work, to try and fool even the most alert employees into believing something is authentic. It’s surprisingly easy for criminals to craft these “social engineering” narratives, as information like your suppliers, employee names and contact details, and mergers and acquisitions can all be found on your website, through social media and elsewhere on the internet.
Employee training is key to preventing these phishing attempts from being successful. As a managed cybersecurity provider, we provide learning and simulation services to train staff to be on the lookout for even the most sophisticated social engineering attempts, as well as providing the investigation of suspicious activities and defence against active threats.