Onward Technologies Blog

Staff Education Goes a Long Way in Preventing Security Issues

Staff Education Goes a Long Way in Preventing Security Issues

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from Paypal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats contained within.

Commonly, this leads to stolen sensitive information, or installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the amount of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from Paypal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com.   If the URL was something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link on the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send it to your staff. When someone falls for the attack, we send them educational information to help them prevent being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employees already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at 312-795-9500.

The Time Has Come for SQL Server 2008 and 2008 R2
What Does Your Business' IT Infrastructure Look Li...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, July 18, 2019

Captcha Image

Tag Cloud

Best Practices Security Technology Microsoft Privacy Tip of the Week Cloud Hackers Small Business Internet Server Workplace Tips communications Passwords Google Computer Backup Wireless Windows Miscellaneous Wearable Technology Hosted Solutions Innovation VoIP Saving Money Productivity Network Hardware Software Email Network Security Cabling User Error Network Congestion Upgrade Telephone System WiFi History Distributed Denial of Service Business Windows Server 2008 R2 Chrome Cables Mobile Device Data Smartphones Education Virtualization Gadgets App IT Support Productivity Encryption 5G Business Continuity Mouse Apple Remote Computing Holiday IT Infrastructure Windows 7 Phishing eWaste Recovery Staff Remote Monitoring Collaboration Database Business Computing Telephone Systems Efficiency Microsoft Office SharePoint Running Cable Environment Malware Password DDoS Office PDF Machine Learning Audiobook Redundancy Evernote Electronic Medical Records Botnet Android Conferencing Windows 10 People Hacking Inventory Outsourced IT MSP Cast Multi-Factor Security Lithium-ion battery Cloud Computing Thank You User Tips Credit Cards Benefits Social Uninterrupted Power Supply Robot Digital Signature Legal Root Cause Analysis Update Entertainment Computer Care Analytics Business Management Computer Fan Wireless Internet Virtual Reality Warranty Excel Ransomware Safety Blockchain Techology Password Management Tools Infrastructure Worker Net Neutrality NarrowBand Windows 10s Networking Office 365 Law Enforcement Devices Battery GDPR BYOD Millennials Books Search Engine Best Practice Supercomputer Business Mangement Information Technology Company Culture Politics Sync Keyboard Save Time Smartwatch Sports Netflix Shortcut Mobile Office Physical Security Access Control Managed IT Services File Sharing Data Storage Trending Smartphone Assessment Congratulations Tip of the week Fraud Firewall Vendor Cleaning IT Consultant Facebook Data storage Accountants Compliance Spam Google Docs Samsung Biometric Security Going Green FENG Managed Service Provider Money Wire Worker Commute Printer Cybercrime HIPAA HaaS NIST Word Password Manager Rootkit ISP Wireless Technology Public Cloud Social Media iPhone Thought Leadership E-Commerce Data Security Workforce Emergency Bing BDR Processor Disaster Recovery Recycling Router Managing Stress Music Communication Wireless Charging Hiring/Firing Employee VPN Google Drive Authentication Search Augmented Reality IT Management Comparison Television Default App Windows Server 2008 Amazon Smart Technology Display Tech Support Leadership Maintenance Gmail Monitor Tech Term Video Games Regulation Data Backup Website Value Laptop Windows 10 Save Money End of Support Smart Office Automobile Administrator Data Management Current Events Black Market Human Resources IT Support Cryptocurrency Managed IT Training Cryptomining Chromecast Vulnerability Fax Server Computers Twitter Computing Infrastructure Mobile Computing HBO Telecommuting Patch Management Help Desk Browser Criminal Alert Servers Telephony Cortana Employer Employee Relationship Digital Signage Managed IT Services Retail Meetings Relocation Nanotechnology How to Remote Worker IT Plan Specifications USB Notifications Public Computer Amazon Web Services Two Factor Authentication Security Cameras Shadow IT IT Services Settings Reputation Practices Scalability Information Data loss Voice over Internet Protocol Bandwidth Loyalty OLED Touchpad OneNote Budget Advertising Document Management Work/Life Balance Scam Software as a Service Cybersecurity Office Tips Internet of Things Flexibility Safe Mode Vendor Management Bring Your Own Device Solid State Drive Risk Management Health Addiction Applications Camera Outlook Remote Work Mobile Devices CES Artificial Intelligence HVAC Skype Google Apps Computer Accessories Google Search YouTube How To Humor Smart Tech Wi-Fi Wiring Unsupported Software Business Intelligence Troubleshooting Social Engineering Data Breach Investment Paperless Office Content Flash Online Shopping Hacker Internet Exlporer webinar Quick Tips Marketing Customers Hosted Computing Instant Messaging Managed Service Screen Mirroring Two-factor Authentication Operating System SaaS Manufacturing Automation CrashOverride Private Cloud Transportation Shortcuts Knowledge Downtime Data Protection Mobility Virtual Assistant Avoiding Downtime Streaming Media Charger Business Technology Mobile Device Management Audit IT solutions Employer-Employee Relationship Files Cache Users Printers Frequently Asked Questions Identity Theft Content Management Enterprise Content Management Start Menu Workers Bluetooth Proactive IT The Internet of Things Spam Blocking Government Connectivity Apps Unified Threat Management Software Tips Data recovery Big Data Microchip IBM ROI

Mobile? Grab this Article!

QR-Code dieser Seite

Recent Comments

Super User What Your Software Has in Common With the Food in Your Fridge? An (EOL) End of Life Date
16 September 2017
According to my view point for this content has been written very informative plus one more thing wh...

Blog Archive

January
February
April
June
August
September
October
November
December
January
February
March
June
July
September
October
November
December
February
March
April
May
June
August
September
December
January
February
March
April
May
June
July
September