LOUISVILLE, KENTUCKY
ATLANTA, GEORGIA
CHICAGO, ILLINOIS
CINCINNATI, OHIO
DENVER, COLORADO
MADISON, WISCONSIN
RARITAN, NEW JERSEY
TORONTO, ONTARIO
NOIDA, INDIA
HYDERABAD, INDIA

V-Soft's Corporate Headquarters

101 Bullitt Lane, Suite #205
Louisville, KY 40222

502.425.8425
TOLL FREE: 844.425.8425
FAX: 502.412.5869

Denver, Colorado

6400 South Fiddlers Green Circle Suite #1150
Greenwood Village, CO 80111

TOLL FREE: 844.425.8425

Chicago, Illinois

208 N. Green Street, #302, Chicago, IL 60607

TOLL FREE: 844.425.8425

Madison, Wisconsin

2810 Crossroads Drive, Ste. 4000
Madison, WI 53718

TOLL FREE: 844.425.8425

Atlanta, Georgia

1255 Peachtree Parkway Suite #4201
Cumming, GA 30041

TOLL FREE: 844.425.8425

Cincinnati, Ohio

Spectrum Office Tower 11260
Chester Road Suite 350
Cincinnati, OH 45246

Phone: 513.771.0050

Raritan, New Jersey

216 Route 206 Suite 22 Hillsborough Raritan, NJ 08844

Phone: 513.771.0050

Toronto, Canada

1 St. Clair Ave W Suite #902, Toronto, Ontario, M4V 1K6

Phone: 416.663.0900

Hyderabad, India

Incor 9, 3rd Floor, Kavuri Hills
Madhapur, Hyderabad – 500033 India

PHONE: 040-48482789

Noida, India

H-110 - Sector 63 ,
NOIDA , Gautham Budh Nagar ,
UP – 201301

How to Prevent Phishing from Compromising Your Business

Resized_AdobeStock_91531301

With no knowledge, employees are tricked to undoubtingly giving access or sensitive data to hackers seeking to harm your business. Phishing (fish-ing noun) is a cybercrime where targets are contacted via telephone, text message or email by someone acting as a legitimate institution to convince people into providing sensitive data like personally identifiable information, credit card and banking details, passwords, etc. But with the right knowledge, you can recognize these cyberattackers without having to dig for answers.

What Do Phishers Do with Your Data?

Once your information is obtained, it is used to access valuable accounts and can result in identity theft and financial loss. Implementing your security measures does little to nothing if your employees are clicking malicious links they believe came from friends or clients- giving away the keys to your business. Phishers attempt to trick employees into installing malware or gain insight for attacks by claiming to be from IT. Train your employees not to hesitate to contact your IT department if they are receiving suspicious calls or emails. Besides email and website phishing, there is also ‘vishing’ (voice phishing), ‘smishing’ (SMS phishing) and various other phishing techniques hackers and cybercriminals are developing.

The first phishing lawsuit was filed in 2004 against a California teenager who created an imitation website for “America Online”. He used this fake website to gain sensitive information from users and access the credit card details to withdraw money from their accounts.

Common Phishing Emails

Too Good to be True 

Profitable offers and attention-grabbing statements are designed to attract people’s immediate attention. Many will claim that a prize-winning of some sort like an iPhone, a vacation, a lottery, some lavish prize. If it seems too good to be true, it most likely is! Never click on any suspicious emails.

What’s the Rush? 

Popular tactic cybercriminals have in common is to urge you to “ACT FAST!” because the amazing deals are only for a limited time. Some will promote that you only have a few minutes to respond, some will tell you that your account will be suspended unless you update your personal information immediately. These emails are best to ignore. Reliable organizations give you substantial time to update any information needed, and will never reach out to users over an unsecured internet ad.

Hyperlinks

Links can act as the perfect disguise. Hovering over a link shows you the true URL the link will take you to upon clicking it. Usually, it will display a completely different site, or appear to be a popular organization’s website with a misspelling; www.anericaonline.com – the ‘m’ is actually an ‘n’, so look closely.

Attachments

Attachments can be tricky. If you weren’t expecting it, don’t open it! Attachments often hold payloads like ransomware or other harmful viruses. The only file type that is always safe to open is a .txt file.

Unknown Sender

Everyone gets curious. Whether you receive an email from someone you do or do not know, if anything appears out of the ordinary, unexpected or suspicious, do not click on it.

It’s imperative not to leak intellectual properties- not even accidentally. Cybercriminals go to great lengths to obtain sensitive data. Sharing a picture online with a whiteboard, documents or a computer screen in the background could reveal information that people outside of your company shouldn’t see. IT departments are not consistently aware of all cyber threats, so immediately report any security warnings from your internet security software.

If working remote or traveling and plan on using the public wireless Internet, alert your IT department beforehand. If your company offers a Virtual Private Network (VPN), be sure to connect to it over any other network.

Preventing Phishing Attacks

For one reason or another, people can easily be fooled when it comes to online interactions. It’s much easier to trick users, which is why phishing attacks are so excessive. There are countless potential consequences, and identity theft is in the thick of them. Even though hackers are constantly formulating new ways to get what they're after, there are some practices you can utilize to protect yourself and your organization:

  • Spam filters can be used to protect against spam emails. Generally, spam filters evaluate the source of the message and the software used to send the message and its image to determine if its spam. Periodically, spam filters will block emails from authentic sources, so the software isn’t always 100% accurate.
  • Change your browser settings to prevent deceptive websites from opening. Bowers keep a list of fraudulent websites that will block the web addresses or send an alert message. The browser settings should only allow reliable websites to open.
  • Most websites require users to enter login information with a user image displayed. These systems may open to security attacks. To maintain security, change passwords on a consistent basis, never using the same password for multiple accounts. For added security, use a CAPTCHA system for website logins.
  • Hover over the URL of all links before clicking them. Secure websites with valid Secure Socket Layer (SSL) certificate will always begin with “https”. In time, all sites will be required to have a valid SSL.
  • Bank and financial institutions use monitoring systems to prevent phishing. Individual employees can report phishing threats, then legal actions can be taken against the fraudulent websites. Provide your employees with security awareness training to recognize potential threats.

Spoofing emails sent by cyber-criminals are disguised to appear to be sent by a business that offers services to the users. Most will not ask for personal information via email or threaten to suspend your account for any reason. Generally, banks and financial institutions will provide an account number or other personal details within the content of the email, which assures its source is reliable.

Employees are on the front lines of information security. The more that can be done to regularly educate employees about the modest things to protect their devices can go a long way towards protecting your organization.

Cyber Security Assessment

Topics: Managed Services, Cyber Security

Get tech and IT industry Updates