Spotting the Fake IT Worker: 5 Red Flags You Can’t Ignore

Mainframes process 90% of global credit card transactions, making them prime targets for cybercriminals. One growing risk is the rise of fake IT workers—malicious actors who blend into organizations using stolen credentials, AI-driven scams, and insider access. Insider breaches now cost nearly US$5 million on average, and threats often hide in plain sight across payroll systems, login activity, and compliance gaps.

• Credentials & Access Risks: Weak passwords, shared logins, outdated controls, and unusual login times or locations are major warning signs. MFA and strong authentication are critical defenses.
• Insider & AI-Enabled Threats: Fake employees, disgruntled insiders, and AI-powered phishing scams can bypass trust and expose sensitive data if not closely monitored.
• Compliance & Monitoring Gaps: Regulations like GDPR and DORA require strict data protection. Missing controls can lead to fines, breaches, and reputational damage.

To protect mainframes, organizations should secure green screen access with TLS 1.3 and MFA, integrate host access with centralized IAM, audit and monitor activity in real time, and partner with security experts. Rocket® Secure Host Access enables phishing-resistant, password-less access while extending modern security practices across critical systems.