Information Technology
Cybersecurity Tips
Submitted by Thriveon Information & Technology
When considering your computer security, many people focus on the device alone. But it’s also important to consider what happens when a threat bypasses some of your security programs—in the form of a malicious email or text, or even a voicemail that might prompt you to respond with confidential information. In this article, we explore the need for everyone to practice strict and secure security habits—not only to digital attacks, but also to prevent someone from simply walking by (in the office or at home) and picking up a device or document that contains sensitive information.
Always Know Where Your Devices Are
If you keep a cluttered desk you might also tend to leave USB drives and smartphones out in the open. You may also forget to physically secure your desktops and laptops so someone can’t simply walk off with them. Passwords will only protect you so far, if the hardware is out of your hands, the possibility of having someone hack into it is high. Be very aware of where you place your belongings.
Phishing Email Compromises
One of the most common forms of social engineering is email phishing—an attempt to acquire sensitive information such as usernames, passwords and credit card data by masquerading as a trustworthy entity. Phishing is likely the #1 primary email threat we all need to focus on. Such emails often spoof the company CEO, a customer or a business you know so that the victim thinks they are responding to a legitimate request. The FBI says CEO (or C-level) fraud has increased 270 percent in the past two years with over 12,000 reported incidents totaling over $2 billion dollars in corporate losses.
Social Engineering Inboxes and Voicemail
Another example of social engineering is a phone call or email where you receive a message that your computer is sending bad traffic to the Internet. To fix this issue, end users are asked to call or email a tech support hotline and prompted to give information that could very likely give the cybercriminal access to the company’s network. Once you’ve called this “Hotline” or been prompted to “Enter Data” – you have now exploited your computers security.
Such attacks are carried out when cybercriminals pose as credible, trusted authorities to convince their targets to grant access to sensitive data and high-security locations or networks.
Low Security with Passwords
Although it should be common sense, everyone should try to avoid the use of passwords that are easy for hackers to guess. Among the top worst passwords are those that use a series of numbers in numerical order, such as <123456>. The names of popular sports such as <football> and <baseball> are also on the list as are quirky passwords such as <qwerty> and even the word <password> itself. Make it a practice to use letters, numbers and characters.
Browsing the Internet
When end users venture out onto the Internet, it’s easy to get tangled up in the vast web of threats lurking on many website pages. Some of them are readily apparent, but others are well hidden.
Malvertising—a form of malicious code that distributes malware through online advertising—can be hidden within an ad, embedded on a website page, or bundled with software downloads. This type of threat can be displayed on any website, even those considered the most trustworthy.
Thriveon is a MN based, family owned IT Management and Security Services provider, focused on providing World Class IT for SMB’s. Call us at (855) 767-2571 or visit www.thriveon.net.