Keeping Safe from SMS Phishing Scams

How to keep your site's data safe and secure from SMS phishing attempts.

There has been a nation-wide rise in Cyber fraud and Cyber crime, and these types of phishing attacks are common. Namely has not experienced a data breach, and we feel confident in our robust and tested security measures that protect your employee data. While Namely’s system security ensures that data stored in client sites is protected, these fraudulent messages seem to be made using publicly available data points (e.g., names, phone numbers).

We advise clients use HaveIBeenPwned.com, or similar identity monitoring services, to see if any of their employees had their personal information disclosed in a public data breach. Public data breaches are often the source of these types of attacks. The Namely Security team is also available to review specific instances of potential suspicious activity. For example, if there are specific users you believe may have been compromised we are more than happy to investigate.

 

As far as more employee-centric best practices, we would recommend urging employees to secure their personal data outside of Namely (i.e. personal email passwords, work email passwords) to ensure the privacy of their information.

In general, clients can use the following features to proactively identify suspicious activity in their Namely instance. And again, we’re happy to follow up on any specific suspicious issues you may find.

Review user logins with Credential History Log: navigate to -Company > Reports > Credential History

Review changes with Audit Reports: navigate to Audit Reports in the left hand bar

While we ask that you do not distribute these resources beyond your organization or post publicly for privacy reasons, please see the following documents for more information-on-information security at Namely:

Namely Security In-Depth- Client Overview

Namely Architecture and Security Overview

Please let us know if you have any additional questions or concerns.