The internet brings huge business opportunities and benefits, but it brings risks, too. Every day there are cyberattacks on companies, attempting to steal information and money, or disrupt a business. It is increasingly important that we manage these risks to take advantage of the internet whilst protecting our business.
Safety essentials checklist:
Safety essentials checklist:
- Download software updates. The timing of these updates are always when we are our busiest, but they are so very important as they often contain vital security upgrades. So don't delay, update today!
- Use strong passwords using numbers, uppercase and lowercase letters and symbols. See the YouTube clip below for some really great tips.
- Delete suspicious emails. If an email looks suspicious, don't even open it; just delete it immediately. If it appears to be from a friend, just message that friend and ask them if it's safe to open. In most cases you will find that your friend's email account has been hacked!
- Use an anti-virus software. For free antivirus software, check out moneysavingexpert.com
- Train your staff.
I found this great YouTube clip about password safety. In only 5 minutes it explains exactly what you need to do to have the safest passwords. T his might be the best 5 minutes you have ever spent.
Understanding Cyber Fraud
It is important that we have an understanding of how hackers can gain entry to our business accounts. Understanding this will give us a greater awareness of how we can be attacked.
Phishing and Spoofing
Phishing is an act of deception through which hackers attempt to acquire sensitive information such as usernames, passwords, and credit card details for malicious reasons. Phishing attacks often use spoofed emails and fraudulent websites designed to fool recipients into voluntarily disclosing personal information such as credit card numbers, account usernames, passwords, and social security numbers.
Phishers are able to convince others to respond to them by mimicking the branding of well-trusted companies. Emails can look like they came from a financial institution, e-commerce site, government agency, or even a family member. These emails or websites often urge you to act quickly.
Phishing scams are also prevalent on social networking sites.
If you are unsure whether an email request or web form is legitimate, do not reply or click on the links in the message. If your bank, credit card company, or other important institutions are trying to contact you, they can and will either call you or write to you. They know a great deal about this type of cyberattack and, therefore, would never email you for personal information, passwords, or your account details.
Email and systems hacking are the two most common types of hacking. Email hacking occurs when cybercriminals gain unauthorized access to your email accounts and applications connected to your email domain. Systems Hacking is when hackers access your company's systems and/or servers and gain the ability to view, export, or manipulate information.
Over the past year or more I have seen an increased number of hacked Facebook accounts. I did a quick search on my search engine and discovered how easy it is to do! So, I recommend you tighten your Facebook security without delay! Firstly, make sure that your password is not easy to hack by using a complicated series of letters, numbers, and symbols. You can also add an extra layer of security, making it even harder for someone to hack your account. This is known as Code Generator, click on this link to find out more.
Here are some additional security tips recommended by Facebook.
Here are 6 things you can do to help keep your account safe:
Occurs when someone uses personal information such as your name, Social Security Number, date of birth, or other identifying information without your permission to commit fraud or other crimes.
In a social engineering incident, an attacker uses social interaction – either in person or through digital platforms* – to gain information about a system or organization. An attacker may seem unassuming and respectable, and potentially claim to be someone you trust – a fellow employee, repair person, friend of a friend. By asking questions, this attacker can piece together enough information to infiltrate your systems and potentially an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact multiple sources within the same organization or social network.
*A digital platform refers to the software or hardware of a site. For example, Facebook is a digital platform.
I read a very interesting article on ComputerWeekly.com about a lady who employed the services of a web developer who did an innumerous amount of damage to her small business. If you have the time, I recommend reading the article; it will only take a few minutes. I have added a link to the article below.
Malware – short for malicious software – is software that is created by hackers that can be sent to your device or online platforms in order to gain access to sensitive information. Malware includes viruses, spyware, and Trojans that are designed to damage your computer system or steal information. This often happens when users click on unauthorized links or do not keep software up-to-date.
Damage from malware varies from causing minor irritation (such as browser popup ads), to stealing confidential information or money, destroying data, and compromising and/or entirely disabling systems and networks.
Malware cannot damage the physical hardware of systems and network equipment, but it can damage the data and software residing on the equipment. Malware should also not be confused with defective software, which is intended for legitimate purposes but has errors or bugs.
Key logging is a software that tracks every single keystroke that you type. It can also take screenshots and e-mail them to your address. Some Key loggers run in the background without the user's knowledge. Sometimes an anti-virus may not catch this as threats.
Develop a security policy
This is critical for every business whether a sole trader or a company that employs staff. 71% of cyberattacks happen to businesses that employ fewer than 100 employees. Small businesses are much easier to attack, as most consider themselves too small to be hacked and don't necessarily have the best security procedures in place, but sadly this is not the case.
Educate your employees about the warning signs, safe practices, and responses to a suspected takeover. Make sure they use complex, unique passwords and maintain a “clean desk environment” where personal and confidential information isn't exposed.
Pick up the phone.
Verify financial requests and confirm details by phone instead of relying on email to initiate or complete any financial transaction whether you are dealing with your bank, vendors, clients, or employees.
Use a two-step verification process to add another layer of security to approving outgoing funds – it will help protect you from a loss.
For more details on two-step verification click HERE
Keep your software up-to-date.
Don’t delay updating your anti-virus software or other security applications. Up to date, good software will help you guard against the latest threats and keep your infrastructure secure.
If there is one thing you do today after you have read this blog, change your passwords. This is something that we should all do on a regular basis. A great deal of my work is internet-based and I must confess I knew very little about cyberattacks and, probably like most people, believed that it's something that won't ever happen to me. Now after writing this blog and reading a number of different articles I know that I am being very nieve and that I should review my computer safety without delay.
I have added in quite a few links to this blog. I promise that they are all safe to open.
I hope that this post may help some of you. I know that by doing the research for this blog it has helped me a great deal to understand how easy it is to be attacked and what I can do to help prevent it.
Keep safe and happy ballooning!