094 90 48200     Get SUPPORT

Aniar IT Services Blog

Staff Education Goes a Long Way in Preventing Security Issues

Staff Education Goes a Long Way in Preventing Security Issues

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from Paypal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats contained within.

Commonly, this leads to stolen sensitive information, or installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the amount of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from Paypal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com.   If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send it to your staff. When someone falls for the attack, we send them educational information to help them prevent being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employees already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at 094 90 48200 .

Even Small Businesses are Targets for Hackers
Tip of the Week: How to Utilize Your Business’ Ema...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, August 24 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing Privacy User Tips Email Productivity Cloud Google Workplace Tips Innovation Network Security Internet Microsoft Tech Term Data Hosted Solutions Hackers Communications Efficiency Hardware Data Backup Communication IT Support Windows 10 Business Mobile Devices Data Recovery Cloud Computing Android Managed IT Services Smartphone Smartphones VoIP Computer Malware Small Business Software IT Services Mobile Device Network Collaboration Gadgets Artificial Intelligence Users Backup Spam Windows Internet of Things Business Management Browser Office 365 Miscellaneous Cybersecurity Information Chrome How To Server Phishing Router Applications BDR Saving Money Outsourced IT Business Continuity Computers Word Cybercrime Display Encryption BYOD Upgrade Facebook Social Media Staff Remote Monitoring Windows 7 Mobile Device Management Settings Data Security Data Protection Two-factor Authentication Managed Service Paperless Office Data Storage Holiday Passwords Ransomware Microsoft Office Connectivity Vulnerability Money Operating System Cryptocurrency Telephony CES App Fraud Meetings Website Software as a Service Scam Training Managed IT Update Infrastructure Google Drive Business Intelligence Human Resources Quick Tips Keyboard Content Management VPN Botnet Processor Password Private Cloud IT Plan Disaster Recovery Government Virtual Assistant Managed IT services Blockchain OneNote Virtualization Redundancy Voice over Internet Protocol Automation Wi-Fi Telephone Systems Unsupported Software Save Money Social Engineering Avoiding Downtime Augmented Reality Identity Theft Education Apps Spam Blocking Telephone System Comparison Help Desk Google Docs Bring Your Own Device Machine Learning Access Control IT Management Digital Signage Law Enforcement Sports Mobile Computing Default App Evernote Cleaning Big Data Trending Biometric Security HaaS Virtual Machine Recycling Devices Solid State Drive Cryptomining Downtime YouTube Mouse Windows Server 2008 Windows Server 2008 R2 Authentication Windows 10s Google Search Smart Office HBO IT Infrastructure Practices Screen Mirroring Safe Mode Security Cameras Cache Manufacturing Amazon Employer-Employee Relationship Networking Shortcuts Hypervisor eWaste Thought Leadership Audit Physical Security Remote Worker Database Telecommuting Root Cause Analysis Wireless Microchip Computer Care Bandwidth Save Time Document Management Camera Outlook Investment Charger Hosted Computing Cast Smartwatch Skype Wireless Internet Virtual Reality Amazon Web Services Accountants Enterprise Content Management Mobility Vendor Management Legal Wiring Business Technology Travel Remote Work Search Engine Patch Management Hard Drive Password Manager Nanotechnology Public Cloud Proactive IT Tools Work/Life Balance Frequently Asked Questions Recovery ROI Wireless Charging Inventory Health Start Menu HIPAA USB Cabling Data loss Password Management Social Sync Multi-Factor Security Saving Time Criminal Computer Fan Firewall Digital Signature Servers 5G Bing WiFi Business Mangement Smart Tech Software Tips MSP Net Neutrality Millennials Entertainment Warranty Excel GDPR Google Apps Employee Electronic Medical Records Wire Cables Online Shopping Cortana Alert The Internet of Things NIST Vendor Procurement Addiction FENG Hacker Unified Threat Management OLED Credit Cards PDF HVAC Flash Gmail File Sharing ISP Value Workforce Printer Tip of the week Remote Computing Workers Specifications Data Management Employee/Employer Relationship IP Address Hiring/Firing Customer Service Regulation Mobile Office Fun Domains Company Culture Emergency Windows 10 Public Speaking Hard Drives Presentation Managing Stress Lithium-ion battery Printers Search Twitter Wireless Technology Personal Information Tech Support CrashOverride Safety IBM Productivity Marketing Financial Budget Managed Service Provider Competition Customer Relationship Management Compliance