Protecting Your Organisation from Phishing Attacks
How to keep your company one step ahead of cyber-criminals.
Phishing attacks are among the most common forms of cyber-attack. They come in many varied forms and unfortunately, the numbers of attacks increase each year.
In order to reduce the risk, phishing attacks pose we have put together these useful tips to avoid becoming the victim of such attacks. To get the most out of this article we suggest you share it with all your colleagues, friends and family.
- Make use of an Anti-Virus Software
Anti-virus software is an absolute necessity. AV software will significantly reduce the threat of viruses, malware, spyware, etc. especially if you keep it up to date so that it can check for the latest viruses. If cost is an issue then free anti-virus software is available through Avast for business use. While this is a limited product, it still gives a reasonable amount of protection from phishing attacks.
- Beware of Emails from Strangers
Always be careful when opening emails from unrecognised senders as they could be phishing attacks. Look out for the following:
- Complicated email address that is not a company name, for example: *protected email*
- Emails asking for financial information, passwords etc.
- Emails that claim to be urgent, or threaten you into providing information. Hackers often try to impersonate IT staff or claim to be third party providers needing to manage or upgrade computers in order to gain access to systems. These attacks sometimes take the form of phone calls, normally by an aggressive, pushy individual.
- If the email does not address you by name be careful.
- Be careful of emails claiming to be invoices or payments from unrecognised clients or service providers.
- Be careful of links and attachments sent by unknown senders. The attachments may hide viruses and the links could direct you to malicious sites. Hackers will often disguise links to look legitimate. If you hover your mouse over a link, you will normally see a preview of the actual destination near the bottom of your computer screen, if this destination is different from the link text chances are it is a dangerous link.
- Information Security
Do not send personal or financial information via email unless you can send it as an attached document with password protection. The password should be communicated separately using sms or a phone call but not via email. If hackers have gained access to your email account without you knowing, they will be able to intercept your information.
When logging onto to websites such as banking sites or similar sites, look for green, ‘https://’ text with a lock symbol in the address bar. This indicates an encrypted connection to the site. If the ‘https://’ is crossed out and red be careful of the website it may be hacked. If this happens on a site you use regularly contact the site telephonically to query the issue before trying to use the website.
- Be Careful of Popups
Website popups are very common and many are not harmful as they simply try to persuade you to sign up for emails. As long as you are on a site you trust and have looked up yourself, these popups are reasonably benign and at worst, you may get a few more emails that you would like if the company misuses your email.
There are however dangerous popups. These are normally very plain and simple looking (hackers can be quite lazy) and tell you things like “You are visitor number 1000000, click to receive your prize” or “Click to scan your computer registry.” These popups can install malware on your computer or direct you to dangerous websites.
Probably the safest course of action is to ignore or avoid all popups unless you are 100% sure it is on a trustworthy site.
- Check Accounts and Passwords Often
If you use online banking or similar sites where you have accounts, check your transactions regularly for suspicious activity. Another good idea is to change passwords on your emails and other accounts every few months.
One final tip… when it comes to emails from unknown senders or unfamiliar websites follow this mantra: “When in doubt, cut it out.”