Today everyone is on edge regarding online safety, email security and internet protections. There are so many levels of intrusions and situations it’s hard even for technical industries to keep up. We wanted to share a few basic definitions and some real-life situations to be aware of, so your business, staff, and families stay safe online.
- Spam: Usually defined as an unsolicited, bulk, commercial email. Spam is from someone trying to sell you something. The most common types of spam are healthcare and dating. Spammers are attempting to obtain personal information from a victim. The terms junk mail and spam have become somewhat interchangeable.
- Phishing: Tricking individuals to disclose personal information or take a dangerous action, such as opening an infected attachment or visiting a compromised website.
- Spear Phishing: When a probe for information is a ‘targeted’ attack on a specific individual. The attacker has researched the target which leads to a more successful attack.
- Spoofing: Tricking or deceiving you or your system by hiding the sender’s identity or faking the identity of another user.
BEWARE! SHARED CLIENT STORIES
- Several D&S IT Security clients have reported receiving emails that ask for personal information and are personal in nature (e.g., user name, password, house address). The sender appears to know some details about you and demands money in return for not posting suggestive data or pornographic clips. DO NOT RESPOND! Report the email as spam using “Report Manager” tool and delete.
- There have been cases of other emails that look like a typical internal office email. These are senders impersonating a staff member who send another staff member a request to ‘wire money’, purchase gift cards, or access webmail accounts. Hackers can find out who company decision makers or financial officers are via websites, and they use this to personalize the email. If an email is ever asking for money, use caution and be diligent in verifying the request off-line.
- Even staff at D&S IT Security receive fraudulent emails. Most recently these emails include attachments that are outside their specific job duties. For example, the email was from Accounts Payable asking to ‘confirm aging payables’ or ‘open outstanding invoices’. Again, do not open the attachment but verify the validity beforehand. Check the sender’s email and grammar usage. If it doesn’t seem right, then don’t respond. The emails and attachments are most likely spam.
- Security breaches have included large corporations like Jersey Mike’s, Target and LinkedIn. Basically, cyber attackers gain access to your personal information through a company’s system. You can never be too safe with your access and information. Keep your account passwords safe and change the complexity to make them more difficult to crack. D&S IT Security has been educating clients about the dangers of the Dark Web and tools we can use to see if your information has been compromised. Protect yourself and your business and always verify the request before doing anything.
WHAT YOU CAN DO
We’ve shared before about Email Security awareness; however, it takes several times and different ways for people to really get it. Gauge each uncertain email with some basic questions:
- Who is this person sending me the email? Check the email address to see if it’s a legitimate email.
- Do I know the sender? Does the message sound like them or how you usually interact?
- Are there typos in the email? Hover over the URL and see if the hyperlinked address matches the displayed address – if they don’t match it’s probably fraudulent.
- Is there access the sender has to my business/personal email contacts?
- What ‘task’ are you being asked to do? It is a normal operation?
- If being asked to do something, confirm the request. Follow up separately phone call, face-to-face conversation, text or create new email) to the known person/sender in the email to confirm the information.
- Do not click on links or open attachments unless you are certain they are from a valid source.
- Be judicious with your passwords! Change them to a higher complexity and maintain security.
- Keep up with the latest security measures and update your antivirus software.
When all else fails, reach out to D&S IT Security and we will do our best to help. We have an employees security training program to help educate your employees so everyone makes smart and safe decisions online.
D&S IT Security: YOUR PARTNER IN CYBER SECURITY
At D&S IT Security, we can help you advance your security posture, so that you don’t have to. We keep up with our social media sites to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigate an increasingly mobile world.