Who We Are

Our Company

Since 1994, Andromeda Technology Solutions has kept businesses safe, secure, and running. Whether you need proactive IT services or advanced building security, we're your go-to resource.

Our Team

We've grown from a group of three to a team 50 people strong – all dedicated to the core purpose of helping our customers succeed.

Careers

Andromeda was honored to be named as one of the 2022 Best Places to Work in Illinois. Explore the new frontier of your career and view our open positions.

best-places-to-work
Who We Serve

Our Clients

We’ve served 2,500+ clients in our 28+ year history. Whether you're located near our headquarters in the Chicagoland area or have needs on a national level, we can help you with all your business IT and building security needs.

Industries

logo-tma-blue

Manufacturing Sub-Sectors

What We Do

How We Can Help

Don't let unmet IT and building security needs spin your spacecraft out of control. Discover how our IT services and full suite of building security solutions will keep you grounded.

IT Solutions

Why Andromeda

clutch-2023-it-services top_clutch.co_managed_service_provider_chicago_2023 badge-nist
Resources

Resource Portal

Technology is constantly evolving – and so are building security threats. Stay in orbit with the latest developments via our regularly updated resource library.

Recent Blog Posts

How Can We Help

Are you an existing customer in need of support? Submit a ticket and we'll report to the bridge shortly.

BEC Scams & Social Engineering: What You Need To Know

When your boss asks you to print a report, share a piece of information or help out with a task you aren’t likely to tell them no right?

More than likely you’d jump to it and get them what they need right away.

But what if you get an email asking you for sensitive information like a login to your HR software, your accounting software. What if your CFO or CEO sent you an email requesting a wire transfer?

Would you think to ask questions first? Would you verify their identity or check to make sure that this is a real request?

What are BEC scams?

A BEC Scam or Business Email Compromise is the term for when a cyber-criminal disguises themselves as an executive or owner of your company to trick you into doing something.

These BEC Scams trick innocent employees into doing things like:

  • Handing over confidential info (employee data, client data etc.)
  • Giving credentials for private accounts (financial, HR, proprietary info)
  • Transferring funds

BEC scams can be quite sophisticated so they are difficult to catch. Criminals will research a company and its employees to give their scam more credibility.

Often, cyber criminals will use a technique called Social Engineering to gather data and learn ways to trick employees.

What is Social Engineering?

Social engineering is a broad term. In a nutshell, social engineering is a technique a criminal or cybercriminal uses to manipulate an individual into handing over confidential information.

For the most part, social engineering scams start with a phishing scam or data breach.

A cybercriminal snags the login info for your email or your social media account. Once they have login credentials, the criminal can access your personal information and use it to their benefit.

Two common uses for your email or social media:

  1. Hijack your account and spam your network – hoping to infect a bigger group of people and impact damage
  2. Spy on you, pick up specific info they can use to impersonate you later as part of a more advanced scam

What do these scams look like in action?

BEC Scam Example #1 – How to lose 10K in minutes...

A hacker gains access to the owner’s email account. The hacker does some quick searching on LinkedIn and locates the HR Manager’s name. With the name, the hacker sends a quick email to the HR manager with an urgent request for a fund transfer of 10K before they miss a deadline.

The HR manager sees the request and quickly transfers the funds.

An hour later, the owner notices the wire transfer... asks the HR manager what it was for. HR manager doesn’t understand, the owner asked for the transfer didn’t they?

In reality, the hacker just stole 10 grand and made quick work of it.

BEC Scam Example #2 – How criminals steal your employee’s identities during tax season...

Tax season is huge for scammers and criminals. Social security numbers, personally identifiable information, banking info and much more is up for the taking and criminals are willing to do some work to steal this info from your business.

Criminals specifically target HR and Accounting departments during this time.

Hackers regularly spam HR managers and Accounting staff requesting copies of personal information including W-2 statements. They use these documents to steal identities, funds and more from businesses and employees alike.

A hacker might send an email to your HR manager that appears to come from the CEO requesting specific documentation. Again, few employees question a message from a leader/owner or boss at the company so they do what is asked without thinking twice.

Some other popular examples:

  • Criminals impersonating attorneys to scare you into handing over documentation
  • Sending fake invoices to your company (sometimes impersonating real vendors, other times just demanding payment)
  • Hacking employee email accounts to spread malware and key loggers to other employees (we are all more likely to click links and download files from people we believe are our co-workers)

How to protect against and prevent BEC Scams

One of the best ways to protect your business from these kinds of BEC scams is continuous employee education. It’s been said before but at the end of the day, your employees and you are the targets of these attacks so the more you know about them, the better you can protect yourself and your business.

Some quick tips:

  • Watch out for URGENT requests that put you on edge – any time you get an email with an immediate need that gives you pause . . . like a request for a big fund transfer, confidential data or proprietary data . . . double check with the source. Call your boss and make sure they actually do want the funds or the documents. Better safe than sorry.
  • Beware of downloads – If you don’t know the sender. Don’t download it. If you never requested the report. Don’t download it. If you question the source at all, double check before you download.
  • Make sure spam filters are properly configured – obviously you don’t want to miss valid emails but your IT team should have your spam filters configured properly. This will prevent a good amount of phishing attempts, malicious email and more from ever hitting your staff inboxes.
  • Don’t follow random links – links are tricky. In a digital world you need to access things online and sharing links makes that easy. If you are being asked to check financial or other private information, it is always best to go to the proper site on your own. For instance, if you get an email about the business Chase credit card account, don’t click a link to investigate. Instead, go directly to the Chase.com and handle the business needs that way.
  • Employee Training – this may be last on the list but training and keeping IT security at the front of your employee’s minds is vital. The goal is to inform your team and educate them so that they can properly defend themselves and your network.

Andromeda’s team can help your business defend itself against scams like these and others. If you’re interested in learning more about how Andromeda can secure your network or if you are interested in learning more about our employee IT security training, let us know. Call the office at (815) 836-0030 or reach us at Contact@WeNetwork.com.

 

Keep Your Business Safe, Secure, and Running

We’ll take a proactive approach to your manufacturing IT – and help your business blast off.