Cybercriminals have become quite savvy in their attempts and tactics to lure end users in and get you to click on a link or open an attachment that can have detrimental effects on the security of your organization. Learn how to protect yourself, your people and devices with these tips and resources.
Malicious Email
A malicious email can look identical to if it would come from a financial institution, an e-commerce site, a government agency or any other service or business. It often urges you to act quickly, because your account has been compromised, your order cannot be fulfilled or there is another urgent matter to address.
If you are unsure whether an email request is legitimate, try to verify it with these steps:
Contact the company directly – using information provided on an account statement, on the company’s official website or on the back of a credit card.
Search for the company online – but not with information provided in the email.
Spam
Spam is the electronic equivalent of junk mail. The term refers to unsolicited, bulk – and often unwanted – email. Here are ways to reduce spam:
Enable filters on your email programs: Most internet service providers (ISPs) and email providers offer spam filters; however, depending on the level you set, you may end up blocking emails you want. It’s a good idea to occasionally check your junk folder to ensure the filters are working properly.
Report spam: Most email clients offer ways to mark an email as spam or report instances of spam. Reporting spam will also help to prevent the messages from being directly delivered to your inbox.
Own your online presence: Consider hiding your email address from online profiles and social networking sites or only allowing certain people to view your personal information.
Phishing
Phishing attacks use email or malicious websites (clicking on a link) to collect personal and financial information or infect your machine with malware and viruses.
Spear Phishing
Spear phishing involves highly specialized attacks against specific targets or small groups of targets to collect information or gain access to systems. For example, a cybercriminal may launch a spear phishing attack against a business to gain credentials to access a list of customers. From that attack, they may launch a phishing attack against the customers of the business. Since they have gained access to the network, the email they send may look even more authentic and because the recipient is already customer of the business, the email may more easily make it through filters and the recipient maybe more likely to open the email.
The cybercriminal can use even more devious social engineering efforts such as indicating there is an important technical update or new lower pricing to lure people.
Tips for Avoiding Being a Victim
Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
Before sending or entering sensitive information online, check the security of the website.
Pay attention to the website’s URL. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement, not information provided in an email. Check out the Anti-Phishing Working Group (APWG) to learn about known phishing attacks and/or report phishing.
Keep a clean machine. Keep all software on internet-connected devices – including PCs, smartphones and tablets – up to date to reduce risk of infection from malware.
Outsource your organization's security. Partnering with a Managed Security Services Provider, like VoDaVi, mitigates risks and provides your organization with 24/7 monitoring and maintenance for a fixed monthly price.
Protect Yourself With These STOP. THINK. CONNECT.™ Tips
When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete or – if appropriate – mark it as junk.
Think before you act: Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
Make your passphrase a sentence: A strong passphrase is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!
Unique account, unique passphrase: Having separate passphrases for every account helps to thwart cybercriminals. At a minimum, separate your work and personal accounts and make sure that your critical accounts have the strongest passphrases.
Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passphrases are not enough to protect key accounts like email, banking and social media.
VoDaVi's Managed Security Services
In today’s digital era, it’s important for organizations to focus on how to keep sensitive data safe. At VoDaVi Technologies. we see first-hand how security is a moving target and recognize the importance of constantly monitoring and maintaining systems to ensure smooth business operations. Our team manages and maintains your organizations network and infrastructure so you can focus on your core competencies. VoDaVi’s Managed Security Services enables you to gain business focus, cost-effective and proactive IT management, Regulation and Compliance, and efficient scalability. VoDaVi’s Always There! moniker to reinforce the company’s pledge to provide 24x7x365 monitoring to our clients at no additional cost to ensure that you are back-stopped with the best support.
Secure Your Organization Today: Schedule a risk-free consultation about Managed Security Services for your organization.
Book Online with the link below, or contact us directly! Call: 866-896-1777 | Email: Info@VoDaViTech.com