Proactive Cybersecurity and Risk Management Even if you have antivirus, a firewall, and your own…
In addition to being spooky season October is also Cybersecurity Awareness Month – Cybercrime, Malware, Phishing, and Ransomware, talk about scary!
In Honor of Cybersecurity Awareness Month – let’s review the ground rules!
Cybercrime is up 600% due to Covid-19. It is important to be cautious both as an individual and as an employee at your organization. Whether you are answering personal emails and shopping online or managing clients and billing at work – you are a target. New scams pop up daily targeting individuals and companies alike.
During Cybersecurity Month and every month:
- Be aware every employee is a target and cybercrime is more common than you think
- Understand the active role you play in keeping your organization safe from cybercrime
- Be familiar with the current types of attacks, so you can spot them and not fall for them
Small Businesses are at risk
Interpol recently reported that small and medium-sized businesses are being targeted at an increased rate. You may hear about much larger companies in the news, but small and medium-sized businesses are at an even higher risk. No matter the size of your business, it is important to educate your employees, have security in place, and have a business continuity plan in case of a disaster.
Strategies to know and watch for
Stay alert and skeptical – cybercriminals use a variety of strategies to trick you. Understanding these strategies is the first line of defense.
The following common digital attacks are specifically focused on getting you to take an action that will harm your organization or yourself.
Phishing is the most common digital attack. Email scammers try to trick you into giving out information or taking a dangerous action like clicking on a link or downloading a malicious attachment. Be suspicious of all emails you receive that seem unexpected or include links or attachments.
Spear Phishing is a more focused form of phishing. Messages may be personalized and convincing. A hacker may impersonate a co-worker, your boss, or someone else you know in real life.
Smishing is SMS phishing through text messaging. These messages may look like they are from your bank or a known source and can even include account numbers obtained through illegal means. These texts often try to get you to click a malicious link. If you receive a text you are not sure about it’s best to not click the link and reach out to the sender via a known contact number or go to their website directly to view your account.
Some cyberattacks launch software that infiltrates your computer or device “behind the scenes” and can lead to extensive damage to you or your organization.
Ransomware encrypts and locks data until a monetary ransom is paid. Criminals will threaten to sell your data or increase the ransom if you do not comply. Ransomware results in loss of productivity and confidential data. Oftentimes ransomware infiltrates your device after you click on a malicious link or attachment.
Spyware often targets mobile devices to gather information on the user of the mobile device to then use in a cyberattack.
Bot – A program that turns your device into a malicious robot for the criminal. They may use your device to carry out cybercrimes like spewing out spam. These programs can run in the background without your knowledge.
Malicious apps – An update to an app on your device can even be malicious. Be careful what you install on your devices and only install apps from your authorized app store.
Internet-based attacks – Not all attacks start with an email or text message
Keep Cybersecurity top of mind. It is important to learn how to look at links and when links look “phishy.” Look to see if a link is HTTP vs HTTPS and if the domain is spelled correctly. At first glance, the domain may look ok but cybercriminals will insert a hyphen or add an s to try and trick you. For example, facebook.com vs face-book.com or facebooks.com. when in doubt- don’t click the link, search for the site using Google.
Another best practice is to consider security when connecting your devices to wireless connections. public or free WIFI connections can be unsecured and bad actors can see what you are doing online including logging your usernames and passwords and accessing anything you access online like bank accounts and social media accounts.
You play a central role in protecting your organization. Staying alert and skeptical can save your organization from disaster. Always stop look and think before taking an action.
Box Lake offers a variety of products to reduce threats, protect users and data, stop attacks and breaches, and keep employees productive. These products allow you to secure every endpoint on the network, from laptops to virtual desktops and servers, to web and email traffic and mobile devices. Contact us today for a free assessment.