094 90 48200     Get SUPPORT

Aniar IT Services Blog

Staff Education Goes a Long Way in Preventing Security Issues

Staff Education Goes a Long Way in Preventing Security Issues

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from Paypal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats contained within.

Commonly, this leads to stolen sensitive information, or installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the amount of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from Paypal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com.   If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send it to your staff. When someone falls for the attack, we send them educational information to help them prevent being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employees already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at 094 90 48200 .

Tip of the Week: How to Utilize Your Business’ Ema...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, June 16 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Tip of the Week Security Technology Best Practices Business Computing User Tips Privacy Email Productivity Cloud Google Internet Tech Term Hosted Solutions Network Security Microsoft Data Innovation Hardware Hackers Data Backup Mobile Devices Workplace Tips Efficiency Cloud Computing Data Recovery Malware VoIP Smartphone Communications Communication IT Support Android Windows 10 Business Network Small Business IT Services Managed IT Services Smartphones Artificial Intelligence Software Business Management Gadgets Browser Backup Mobile Device Internet of Things Chrome How To Server Cybersecurity Windows Information Collaboration Router Spam Applications BDR Outsourced IT Computer Business Continuity Phishing Users Word Office 365 Cybercrime Miscellaneous Saving Money Computers Mobile Device Management Encryption Two-factor Authentication Passwords Staff Vulnerability Operating System Managed Service Data Protection Paperless Office BYOD Holiday Ransomware Facebook Remote Monitoring Connectivity Social Media Settings Money Data Security Cryptocurrency Display CES Telephony Unsupported Software Scam Training Data Storage Fraud Managed IT Software as a Service Update Human Resources Business Intelligence Wi-Fi Infrastructure Content Management Keyboard Spam Blocking VPN Botnet Augmented Reality Password Windows 7 Disaster Recovery Virtual Assistant Blockchain Managed IT services Apps Bring Your Own Device Government Automation Redundancy Voice over Internet Protocol IT Management Telephone Systems Microsoft Office App Save Money Meetings Social Engineering Google Drive Avoiding Downtime Education Identity Theft Website Telephone System Comparison Private Cloud IT Plan Upgrade Google Docs OneNote Virtualization Sports Law Enforcement Machine Learning Access Control Trending Mobile Computing Public Cloud Default App Evernote Cleaning Recycling Devices HaaS Cryptomining Biometric Security Authentication Windows Server 2008 Google Search Data loss YouTube Mouse Computer Fan Safe Mode Security Cameras Cache Smart Office Quick Tips Software Tips IT Infrastructure Practices HBO eWaste Thought Leadership Remote Worker Database Manufacturing Amazon Telecommuting Networking Shortcuts Bandwidth Computer Care Save Time Cortana Alert 5G Microchip FENG Smartwatch Wireless Internet Skype Document Management Camera Charger Hosted Computing Outlook Legal Hacker Wiring Business Technology Virtual Reality Amazon Web Services Accountants Travel Remote Work The Internet of Things Enterprise Content Management Mobility Password Manager Nanotechnology Patch Management Proactive IT Tools Work/Life Balance Search Engine Health HIPAA USB Start Menu Solid State Drive Wireless Charging Inventory Frequently Asked Questions Recovery Downtime Criminal Sync Multi-Factor Security Firewall Windows 10s Cabling Big Data Password Management Social Business Mangement Smart Tech WiFi MSP Net Neutrality Screen Mirroring Digital Signature Millennials Servers Bing Employee Employer-Employee Relationship Electronic Medical Records Wire Entertainment Warranty Audit Physical Security Google Apps Excel Vendor Root Cause Analysis Addiction Unified Threat Management Cables Online Shopping NIST Gmail Flash File Sharing ISP Cast OLED Credit Cards PDF Value Workforce HVAC Help Desk Tip of the week Digital Signage Data Management Specifications Wireless Printer Workers Hard Drives Windows 10 Search Public Speaking Regulation Presentation Lithium-ion battery CrashOverride Tech Support Emergency Wireless Technology Company Culture IBM Safety Investment Managed Service Provider Marketing Productivity Budget Managing Stress Customer Relationship Management Hiring/Firing Competition Printers ROI Twitter IP Address Fun Customer Service Mobile Office Domains Compliance