Common Sense Guidelines to Avoid a Cyberheist






Phishing, a form of social engineering, happens all the time.
Phishing leads to cybercrimes of all magnitudes. If a major corporation like Sony can get hacked, you can be sure that your organization is vulnerable too.  Following are a few guidelines to help your organization avoid becoming a cybercrime victim. All your employees should study these various Internet security points:



Do not fill out a form page or give information about yourself unless you are 100% certain the website is valid. This needs no further explanation.



Don't automatically click links in e-mail supposedly from businesses you trust like a major delivery service or your bank. If you get a bank message regarding an account problem that needs your attention, launch your browser and go directly to the bank's site to check it out. Don’t fall victim to a cyberheist attempt.



To check a link in an email message to see if it appears valid, hover the mouse over the link. Most e-mail clients will show the destination URL. If the link URL doesn't match the link's stated destination, it is a sure sign of trouble.



Carefully look at the URL in the browser's Address bar. Many phishing sites don't even try to use legitimate-looking URLs. But some phishing websites use slightly altered versions of the true URL, such as usp.com (instead of ups.com) or amozan.com (instead of amazon.com). If the URL appears altered, leave the website and type in the actual URL manually.



Look for a green light on the browser bar. If your browser has this feature, it will tint the Address bar green when it’s validated a site's Extended Validation Security Certificate. A green Address bar means the site is legitimate.



Use a password management tool like LastPass to store your login credentials. The utility will automatically fill in your credentials at the correct Web site but not at a fraudulent copy.



Find out which employees in your organization are Phish-prone (likely to click a hacker’s bait link) by testing them for free using the KnowBe4 Free Phishing Security Test.



Train all your employees with an Internet Security Training program such as KnowBe4’s First2Know ISAT Course. This is the best way to ensure your employees do not open the floodgates to your bank account. This training is very inexpensive and very effective.



Data breaches have happened, are happening and will continue to happen. I’m not sure what truly led to the Sony breach and subsequent cybercrime, but it is very possible that it all started with a phishing attack. Don’t be next week’s big news by being the next cyberheist victim.



Stu Sjouwerman


