A Cybersecurity Awareness For Employees and Business Owners
When it comes to cybercrime, one thing is certain: the most effective way for criminals to distribute malware to an unsuspecting victim is via email. As more people use mobile devices, text-based threats are becoming increasingly common. If you have any doubts about a text message or email, do not open it. Delete it right away.
TAKE-ACTION TIPS
VERIFY TO CLARIFY
Don’t click a link in an email or text message that asks you to confirm or submit financial information, login information, or any other sensitive personal information. To validate the request, call the organization right away (not using the contact information provided in the email). You can also go into your account on the company’s legitimate website to see if you have any messages or action items.
WHEN IN DOUBT, THROW IT OUT
Cybercriminals can easily reach you through links in email, tweets, texts, postings, social media messaging, and online advertising. Be cautious about clicking on links or downloading anything that comes from someone you don’t know or that you didn’t expect. In a nutshell, don’t trust links.
STRANGER DANGER
Remember how you weren’t supposed to take candy from strangers? Apply the same logic to the internet world. Do not click links in emails, text messages, chat boxes, or other messages from individuals you do not know, and be wary of links sent by people you do know.
READ THE EMAIL OR TEXT CRITICALLY
Is the sender requesting that you do something you wouldn’t ordinarily do, such as go against corporate policy? Is it strange that your credit card provider wants you to verify your credit card number or Social Security number? (Yes, they already have that information.) Are there any terms that have been misspelled or phrases that you haven’t heard before? Is there a sense of urgency, as if you need to click or act right now? These are usually context cues in the email or text that something isn’t quite right.
UNSUBSCRIBE MIGHT SUBSCRIBE YOU TO A HACK
A call to action in an email, such as “unsubscribe” or “respond to cease receiving these communications,” can deceive you. If the email is spam, it is preferable to simply delete it or report it as spam.
A FEW TRICKS
EMAIL SETTINGS AND CONFIGURATION
Change the settings in your email account to show the sender’s email address, not just their display name. This will allow you to confirm that the sender’s email address is correct (for example, info@staysafeonline.org vs. info@staysafe0nline.org). (incorrect) — take note of the single change from an o to a 0.
PLUG-IN ASSISTANCE
In your internet browser, there are certain plug-ins that will show you the true path of a URL. You might want to enable that security feature in the security settings of your internet browser.
HOVER TO DISCOVER
You can hover your cursor over the link (but don’t click!) Once you’ve done that, the correct way will appear. Does the destination of the link meet your expectations? If it does not appear to be genuine, do not click. Immediately delete the email.
WHAT ARE YOU HIDING?
Hackers frequently utilize shortened URLs to make a malicious link appear harmless. If you obtain a short URL, you can use free internet tools to reveal the correct path by copying and pasting the short URL into the tool. But proceed with caution. You don’t want to click the URL by accident. If you don’t want to copy and paste, simply delete the email or text message with the shortened URL and go to the company’s main site to access the promotion or event you’re looking for.
HAVE ANTI-MALWARE AND ANTIVIRUS INSTALLED ON ALL OF YOUR DEVICES
It’s even possible to put it on your phone. This will provide an additional layer of security, but it will not take the place of your need to be cautious and watchful.
WHAT TO DO?
Consult with reputable cybersecurity firm in your local area to assess your current network and to avoid cyber-attack in your business. Make sure to ask this cybersecurity firm to provide cybersecurity awareness training to all your employees. It’s best that you are ready for these circumstances and take precautionary actions.
WHO WE ARE?
IT21ST is a local Cybersecurity and IT Solutions firm that has been assisting clients in a variety of industries with their IT challenges for over 33 years. Our consultation is completely free and comes with no obligations. Allow us to do a complimentary IT Cyber Security Assessment for you!
Please call us at 855-4IT21ST [855-448-2178] or contact us via email at info@IT21ST.com.
Resources:
Google: Free Phishing Quiz https://phishingquiz.withgoogle.com/
CISA: Avoid Phishing & Social Engineering Attacks https://www.us-cert.gov/ncas/tips/ST04-014
NCSA & Adobe: Phishing & Ransomware Video https://staysafeonline.org/blog/security-awareness-episode-4-phishing-and-ransomware/