Any business in operation today needs to keep modern realities concerning cybersecurity at top-of-mind if they are going to successfully maintain the business going forward. One major issue to be cognizant of is the increasing prevalence of phishing attacks. During cybersecurity awareness month especially, look into your practices and be sure to keep looming threats in mind.
Did you know that, in 2018, phishing attacks had increased by 269 percent as compared to 2017? Furthermore, phishing was involved in 32 percent of all reported data breaches that year. That’s 1/3 of attacks. Businesses located in the United States also seem to have the most to be worried about, as almost 86 percent of phishing attacks were leveraged against American targets. Some of our clients aren’t even familiar with what these attacks are, and so it is harder for them to spot beforehand.
It’s No Wonder that Phishing is Being Addressed During NCSAM (National Cybersecurity Awareness Month)
NCSAM, or National Cybersecurity Awareness Month, is meant to encourage awareness of cybersecurity practices and behaviors in an attempt to promote them. This year’s lessons cover many basic cybersecurity practices – including how to identify and avoid phishing attempts, reinforcing the 2019 theme of “Own IT. Secure IT. Protect IT.”
Of course, we can also help you out by giving you some actionable best practices now.
- Be wary of unsolicited or unexpected messages – One of the biggest clues that something is a phishing message is that it will likely appear out of the blue. If you suddenly get an email “from Amazon” that says suspicious purchases have been made on your account and you need to re-verify your payment credentials, think about it for a second. The same concept applies to emails that come from any sender. Before you interact with one of these emails, try reaching out to the supposed sender through some other means to confirm. Especially if it involves any kind of personal or financial information.
- Avoid unanticipated links or attachments – Cybercriminals have become irritatingly clever in how they deliver their attacks and malware – not only delivering a convincing argument via phishing, but hiding executable malware inside documents that activate when the attachments are opened or delivered via a bad URL. Unless you were anticipating a link or attachment in an email, you should always be hesitant to click on them – at least until you’ve confirmed their legitimacy through another form of communication. Do not click anything before thinking twice.
- Check the details – Make sure that the email is actually coming from where it should. Cybercriminals will sometimes create fraudulent emails that, at a quick glance, look similar enough to the real one that a user may not spot the difference. Is the address from “contact@gmail-dot-com,” or from “contact@grnail-dot-com”? Look at the second option closely. G-R-N-A-I-L probably isn’t the mail service your contact uses, suggesting that this email is fake.
While this month may be dedicated to improved cybersecurity awareness, it isn’t as though you don’t have to consider it for the rest of the year. Symmetric IT Group is here to assist you in keeping your business and its data secure. Give us a call at (813) 749-0895 to learn more about the solutions we have to offer. Check out our business continuity and information security pages to find out how we can help your company, whether it be before or after a crisis.