In appreciation of Cybersecurity Awareness month, here are fourteen areas of interest that everyone should be aware of:
Ransomware
Ransomware is malware that denies access to files by encrypting them with a password. Typically, cybercriminals demand a ransom for the decryption key.
Malware
Malware is a contraction for malicious software. Malware is intrusive software designed to damage and destroys computers and computer systems. Examples of malware include viruses, worms, trojan viruses, spyware, adware, and ransomware.
You Are The Shield
Cybercriminals take advantage of human behaviors to steal credentials, install malware, and infiltrate the organization. Every team member should have the skills to identify threats to them and your organization. You are the shield responsible for securing the data for yourself and your organization!
Social Engineering
Cybercriminals have learned that a carefully worded email, voicemail, or text message can convince people to transfer money, provide confidential information, or download a file that installs malware on the company network.
Phishing
A phishing attack could be a generic scam looking for anyone with a PayPal or UPS account. They can also be a targeted attack focused on you. The attacker often tailors an email to speak directly to you and include information only you or an acquaintance would know. The sender typically obtains these details by reviewing your data.
Smishing
Smishing is a form of social engineering that exploits SMS, or text, messages. Text messages can contain links to such things as webpages, email addresses, or phone numbers that, when clicked, may automatically open a browser window or email message or dial a number. This integration of email, voice, text message, and web browser functionality increases the likelihood of users falling victim to engineered malicious activity.
Vishing
Voice phishing, or vishing, is the use of the telephone to conduct phishing attacks.
Password Habits
These habits include changing all passwords at least twice a year. Password lists are often stolen and sold on the dark web. This rule is why it is so important to change our passwords frequently.
Multifactor Authentication
Multifactor authentication works by adding another layer of security to your online accounts. It requires additional login credentials beyond your username and password and requires a second form of authentication, such as your cell phone or keyfob. Multifactor authentication reduces the chance of an account breach by 99%.
CEO Fraud
CEO Fraud is a scam where cybercriminals spoof email accounts to impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers or sending confidential tax information.
Data Protection and Loss
Ensure that your team members do not send sensitive or critical information outside the corporate network and the associated risk of doing so.
Social Networks
Make sure you and your team are aware of the dangers of posting confidential information on social networks. These details are the information that cybercriminals use to create a profile of you, so the less information shared, the less chance cyber thugs can impersonate you.
Mobile Devices
Ensure that a PIN secures your team member’s devices if they access corporate data or store corporate phone numbers.
Remote Access
Ensure that team members know not to use public Wi-Fi when accessing the corporate network and use antivirus on their home computers.
If you would like help making sure that your team members are aware of above areas of discussion, call Advanced Systems Solutions Inc, and we will help you ensure that your team is aware that they are the first line of defense!
Discover the ASSI difference today. Call us today at (407) 414-6626. We’d love to hear more about your small business and how ASSI can help you focus on what’s most important. Relax, we’re on IT.
Disclaimer: The above information is not intended as technical advice. Additional facts or future developments may affect subjects contained herein. Seek the advice of an IT Professional before acting or relying upon any information in this communiqué.