Being wary of what you post online is always important, but even more so now than ever. In the recent weeks and months, there have been an increase in cyber attacks and malicious email content. In addition to this, spear phishing is becoming a greater problem. While individuals may be targeted more often, companies an organizations of various sizes and industries are being targeted as well, meaning you could be at risk for a data breach. Don’t put yourself or your organization at risk. In today’s blog, we talk about what email and spear phishing are, and how to protect yourself from being attacked.
Email phishing is when an attacker sends an email from a source that appears to be legitimate. Within these emails, the attackers often include hyperlinks taking you to pages that request personal information. These links and pages may appear legitimate and harmless, but they can be used to download viruses and other malicious software onto your device. As well, any information you enter can be used to guess some of your passwords or account logins.
Spear phishing is similar, but worse. While using the same methods, the messages are much more personalized. The attackers figure out who they want to target, and then research them before hand to make the email content more personalized and legitimate. These cyber criminals generally start their searches on social media sites, such as Facebook, Twitter and LinkedIn and use information they find to make the victim think that the company or person reaching out to them is someone they actually know quite well.
Here are some pointers that you can use to help prevent you and your organization from becoming a victim of a phishing scam:
Beware of What You Post on Your Social Networks
Many people use a birthday, nickname or pet’s name as a password. If you do this, make sure it is not posted online anywhere. This can help prevent giving hackers easy information. Additionally, make sure you limit where you put your phone number online. Criminals posing as IT employees or managers are targeting employees and asking for their passwords or logins for “system maintenance” or resets. Consider posting your main company phone line and only giving your direct extension to those you trust.
Implement Multi-Factor Identification Wherever Possible
By requiring at least two pieces of identification to access certain files or accounts, it makes it more difficult for hackers to compromise your systems. This added layer of protection can help legitimize logins and further protect you against phishing and other scams.
Make Cybersecurity a Company Focus
Create policies, educate your employees and confirm suspicious email activity before interacting with it. While this may take extra time of your day, it can help save you and your organization from lengthy and expensive headaches later on.
Even if we think we are doing enough to protect ourselves, cyber criminals are becoming more sophisticated in their attacks. By following these precautions and staying up to date with latest software fixes and security, you are helping to do your part. At True Sky, we take security seriously. That is why we consult with your IT teams and have a built-in hierarchy security level within out software. If you need assistance with simplifying your budgeting, planning and forecasting processes today, give us a call at 1 855 878 3759 or visit our website www.truesky.com