‘Tis The Season
'Tis the season to be jolly. The final two months of the year are full of activity. There are holiday dinners and parties, shopping for gifts, and traveling to visit with family and friends. These activities are all vital to society, but with all of that activity, it is hard not to be distracted. That's why it is all the more important to take some time to refocus on an essential line of defense against hackers, the human firewall.
Your company network undoubtedly has a firewall that stands between the outside world and the company network keeping bad actors at bay. The employee is a human version of that network appliance. Failure to keep employees trained on how hackers can use them to gain access to information could be just as detrimental as a bug in the network firewall. Both could result in a costly breach that might ruin a company and cost many jobs.
It is paramount that everyone is vigilant and knows the signs of a phishing attack. Phishing (pronounced like "fishing") is an attempt to use email to trick employees into divulging sensitive information or grant access to company resources. Employees with access to email should be wary of communications from unknown senders, analyzing them with questions such as:
Would you get an email from this person?
Are you usually the source for what they need?
A stationary salesperson will probably not reach out to the security guard.
Does the domain name in the email address match who the sender claims to be?Someone from ABC Supply company will probably have something akin to the company name after the "@" symbol in their email address.
Is the sender requesting something completed in a hurry?
Bad actors will often rush you into making a rash decision before you can analyze the request.
If there are links in the email, are they misleading?
You can check this by hovering over the link with your mouse. Be suspicious when the URL revealed doesn't match the words in the link.
This isn't always the case, but these phishing attempts often originate from foreign sources where cybercrime laws are laxer, and English may not be the sender's first language.
These are just a few things that should raise red flags for employees analyzing suspicious emails. Of course, Virtual Innovation is here to help with your cybersecurity awareness training needs with tools, resources, and training to keep your employees informed and vigilant. Additionally, we can help identify employees who need more attention to strengthen the "human firewall" in your organization.
For more information, don't hesitate to get in touch with your Virtual Innovation Security Specialist at 219-405-6533.