Did you know October is Cyber Security Awareness month? We live in a connected world: computers, phones, tablets, watches, you name it. Don’t push security to the bottom of the list.
How many emails do you get every day? If you’re like me, hundreds if not a thousand or more. My iPhone has five email accounts – my (old) AOL, my new(er) Gmail; an old business; and two work accounts – YES, that is in my real - collective inbox count. Who can keep up? As we feverishly try to clean out our inboxes with all the solicitations, sales and coupons trying not miss something important its never been more important to know what’s real and what’s NOT!
How many of those emails are from someone or some business you deal with? And of them how many have attachments or links? Do you, your loved ones, your employees know what to do when they get an email or text (suspicious or not) from someone they don’t know or someone they do know or a business they deal or do not deal with? Businesses entrust their employees every day to do the right thing to protect their network and data. Hackers get smarter, more creative and more sophisticated – this is fun to them not just a job! Understanding how to protect yourself, your employees, your business is paramount and shouldn’t be taken lightly.
I found out firsthand how vulnerable a loved one can be from my 74-year-old father -- who has an IT Degree and managed a data center in his professional career, and whose personal computer was taken over because Microsoft sent him an email alerting him he had a virus. “CLICK” - link sent him to the “Microsoft” website with a payment page and he entered his credit card. Why because Microsoft said he had a virus - RESULT – ransomware! Not more than a year later another email. This one to tell him to “click here” to claim his $987,000.00 prize. This time he didn’t “CLICK”; he brought me his phone to read the email, all excited, “I think this is real.” NO DAD, this isn’t real… as I revealed the return email address, what appeared to be a reliable source, his bank, was actually firstname.lastname@example.org. “OH, this looked so real!” “Yup, that’s the point, Dad.”
Clicking on links, replying to emails/texts, opening attachments allows fileless malware, annoying adware, spyware, ransomware and trojans to install on your computer and your network without your knowledge. Result: full control of your computer and network where your directed to the “dark web” and prompted to enter your credit card to regain control of your computer, data and/or network! Not much you can do at this point – it’s too late! Be skeptical and go with your gut; it if feels wrong it is. If it’s important they will reach you through the good ol’ postal service. DELETE is your new friend, get to know him.
Believe me I want nothing more than to be told I WON a million dollars, but I can guarantee without Publishers Clearing House knocking at my door with a banner, balloons, a big check with my name on it and a camera crew – it’s a scam! You will never be notified through electronic means you’re a winner.
For businesses don’t forget the number one “hacker” is a rogue employee!
Education and knowledge = power. Use these tips to keep you, your loved ones and your business secure:
- Listen to your gut!
- Don’t open unsolicited attachments or click on links within emails or texts from unsolicited or unknown senders
- Use antivirus software. Check out: Norton, McAfee, Intrusta
- If you think something is real – pick up the phone - call the company
- Do not give anyone personal information or buy a prepaid card – The IRS will not call you for payment and your long-lost cousin isn’t in Uganda in a hospital and needs to pay his doctor bills
- Use unique passwords and don’t use the same one for all. Example: use the “@” sign for the letter a; “$” for letter s. Use upper and lower case. DO NOT use your name, birthdate or “Password”
- Sign out of websites as soon as you’ve completed your business
- Saving your credentials into your web browser is a hacker’s birthday! There are plenty of solutions on the market: some free, some a couple dollars a month. These solutions come with encryption, two factor authentications, latest security, personal and enterprise grade, workflow, administrative rights, etc. Check out: LastPass, Manage Engine, RoboForm
- Back up your system(s) daily to a protected external storage management device or service
- Protect your identity. Check out: Identity Guard, Identity Force, Life Lock
- Train your employees. Check out: Knowbe4, Rapid7, Ninjiio, Phishme
- Keep your firewall security software, patches and firmware up to date AND keep those ports closed
- Install network/IoT scanners – know who’s on your network. Check out: Shodan.10, Bullguard, Kaspersky
- Report any suspicious activity or emails to your IT Team
- Look for secure websites before entering ANY data into them. Look for the lock before the URL
Be knowledgeable – be aware – be skeptical, having the right tools and training can save a lot of headache, time, money, data leakage and customers.
See how Vision can help with cyber security. Contact us for more information.