In the technology world, it’s important to stay on top of the latest threats. Strong IT security is based on education – always learning, understanding, and preparing the environment for what comes next. In our business, we call it practicing “good cyber hygiene”.
Some best-practices include staying vigilant against the newest phishing scams – designed to obtain personal information from unsuspecting targets. Hackers use these attacks to obtain user names and passwords, or trick people into installing dangerous malware. Cyber criminals then try to steal such personal details as social security numbers, credit card data, or bank account information. New phishing attempts also include ransomware threats like “WannaCry” – engineered to shut down business operations until a ransom is paid.
Each and every year, attackers become more prevelant. In recent phishing campaigns, spoofed e-mails appeared to come from document signing providers. The e-mail appeared legitimate and from a “trustworthy” source, such as a procurement department or real estate company. But when users clicked on the link, attackers either installed malware or requested login credentials to access personal data.
If your business wants to avoid becoming the next victim, each and every employee must understand and practice good cyber hygiene. To get started, here are my recommendations to avoid the top phishing threats:
- Never click a link unless you’re absolutely sure it’s authentic. Instead, open a new browser window and type in the company’s valid URL. A quick internet search can uncover a valid company address.
- Always be on the lookout for e-mails with typos, poor grammar, bad spelling, and vague salutations or impersonal greetings.
- Never disclose login credentials. Banks and other businesses don’t ask for account information via e-mail.
- Beware of urgent or threatening language. Watch for subject lines or messages containing such phrases as “your account has been locked and requires immediate action”.
- Do not click on unexpected or suspicious attachments. Many of them contain malware.
- Don’t ever forward unknown or suspicious e-mail to friends or colleagues. Closely follow your company’s procedures and notify the security department to prevent other attempts.
- Be careful and avoid responding to unknown or suspicious e-mails. Instead, contact the alleged sender directly to verify e-mail authenticity.
- Install reliable anti-virus software, set to automatically update. This protects against the latest known viruses.
- Keep computer software up-to-date using auto-update. Security patches are released often, and are essential to protection.
- Back up all devices! Securely stored back-up avoids a ransom payment.
At CenturyLink, we have decades of experience solving most security challenges – having experienced many of them first-hand. In fact, our advanced Enterprise IT security services are actively and successfully being deployed at some of the world’s leading organizations. If you’d like to become one of them, please contact our cybersecurity experts for a free consultation.
I’m always open to sharing my own personal work experiences and listen to yours. Feel free to contact me directly in the comment section below.
In the advanced age of cyber threats, it’s critical to review the above recommendations carefully and always remain vigilant. If not, the next victim could be you!
This article originally appeared in Forbes Voice on July 19, 2017.