
Graemouse Technologies Blog

Staff Education Goes a Long Way in Preventing Security Issues

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from PayPal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats are contained within.

Commonly, this leads to stolen sensitive information, installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the number of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from PayPal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’, then something is suspicious. There should also be a forward slash (/) after the .com. If the URL were something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link in the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.
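
The hover check from step 1 can be written out as code. This is an added example, not code from the original post; the names `classifyLink`, `SAMPLE_LINKS` and `checkSamples` are hypothetical. It parses out the host (the part before the first forward slash), requires it to be the trusted domain or one of its subdomains, and then applies the post's rule about dots after the domain.

```javascript
// Added example: applies the rule of thumb from step 1 to a link.
// classifyLink, SAMPLE_LINKS and checkSamples are hypothetical names.

function classifyLink(link, trustedDomain) {
  let url;
  try {
    // The post's examples have no scheme, so add one for the URL parser.
    const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(link);
    url = new URL(hasScheme ? link : "https://" + link);
  } catch {
    return "Suspicious"; // not parseable as a link at all
  }

  // The host is everything before the first forward slash. It must be the
  // trusted domain itself or a subdomain of it; the leading dot in the
  // suffix test keeps the match on a label boundary.
  const host = url.hostname.toLowerCase();
  const trusted = trustedDomain.toLowerCase();
  if (host !== trusted && !host.endsWith("." + trusted)) {
    return "Suspicious";
  }

  // The post's rule: don't trust dots after the domain. Any path segment
  // containing a dot is flagged, which also flags file names (cautious).
  const segments = url.pathname.split("/").filter(Boolean);
  if (segments.some((s) => s.includes("."))) {
    return "Suspicious";
  }
  return "Safe";
}

// The seven links from the list above, with the post's own verdicts.
const SAMPLE_LINKS = [
  ["paypal.com", "Safe"],
  ["paypal.com/activatecard", "Safe"],
  ["business.paypal.com", "Safe"],
  ["business.paypal.com/retail", "Safe"],
  ["paypal.com.activatecard.net", "Suspicious"],
  ["paypal.com.activatecard.net/secure", "Suspicious"],
  ["paypal.com/activatecard/tinyurl.com/retail", "Suspicious"],
];

function checkSamples() {
  return SAMPLE_LINKS.map(([link]) => [link, classifyLink(link, "paypal.com")]);
}

for (const [link, verdict] of checkSamples()) console.log(verdict.padEnd(10), link);
```

Because the path rule flags any dot, a legitimate link to a file name on the trusted domain would also be marked suspicious; that matches the post's cautious rule of thumb rather than a strict technical test.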

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send them to your staff. When someone falls for the attack, we send them educational information to help them avoid being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employee’s already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at 253.777.0763.
