Since the dawn of the Internet, cybercriminals have been profiting from unsuspecting businesses through a technique known as phishing. Over time, these cyber attacks have become increasingly complex, making it more important than ever for businesses to understand how to prevent them. Our cybersecurity professionals have put together a helpful list of guidelines that your business should follow to prevent you and your employees from becoming victims of phishing attacks.
Stay Up-to-Date on the Latest Phishing Tactics
Cybercriminals are coming up with new phishing techniques 24 hours a day, 365 days of the year. Whether you’re a business owner or an IT administrator, it’s important to watch for news articles about the latest phishing scams to reduce the risk to your company. Consider implementing security awareness training and simulated phishing attacks to ensure that your employees are alert and able to identify phishing scams.
Check Online Accounts and Change Passwords Regularly
Although you probably have countless online accounts, it’s imperative to check each of them regularly as inactive accounts are a prime target for phishers. While you’re logged in, be sure to update your passwords—and always use different passwords for each account.
Additionally, keep a close eye on bank and credit card accounts to make sure that a phisher hasn’t made any unauthorized purchases. Many banks and credit card companies now offer apps for smartphones that make it simple to check your accounts daily, but it’s always a good idea to review your statements thoroughly at the end of each month.
Always Download Browser Updates
While it may be tempting to ignore browser updates because they can be time-consuming, they often include security patches that make it more difficult for phishers to target your business. As soon as a browser update is available, download and install it immediately.
Use Secure Websites
With online purchases becoming more and more popular, it’s difficult to refrain from providing financial information online. To verify the security of the website you’re using, start by looking at the URL at the top of the page. On a secure website, the URL will begin with “https” and there will be a closed lock icon in the address bar. If you suspect that a website isn’t secure, don’t provide any personal or financial information, or download any files.
Think Before You Download Email Attachments
If you receive an email from an unfamiliar source, refrain from clicking on links, opening attachments, or downloading files. As a general rule of thumb, only open email attachments that you are expecting to receive from a known contact.
Stay Away from Pop-Ups
Pop-up windows aren’t just irritating; in some cases they are phishing scams. If you’re using a popular browser, you’ve probably noticed that pop-ups are usually automatically blocked. Unfortunately, today’s tech-savvy phishers have found ways around browser pop-up blockers.
If you get a pop-up, be aware that any button, link, or image that you click can send you directly to a phishing site. Simply close the pop-up window and consider using another website rather than the one that initiated the pop-up.
Use an Anti-Phishing Extension
You can easily add an extra layer of protection by customizing your browser with an anti-phishing extension in your toolbar that checks websites you visit against known phishing sites. The toolbar will instantly send an alert if you are on a malicious site.
Utilize Anti-Virus Software and Firewalls
Just like flu shots prevents illnesses, anti-virus software and firewalls prevent your computer and network from phishing attacks. Anti-virus software is designed to scan files that you download from the Internet—whether through a browser or email—and protect your computer’s operating system, while firewalls block attacks from phishers who attempt to infiltrate your computer or your company’s network. As with your browser, it’s important to keep you anti-virus and firewall software up-to-date to ensure you catch the latest phishing scams.
If you’re concerned that your business is susceptible to a phishing attack or have questions about cybersecurity in general, reach out to the team of professionals at Internal Computer Services. We offer around-the-clock monitoring and support to ensure that you and your business are protected from cybercriminals. Contact us today at 804-672-1057.