k_Street Consulting, LLC Blog

Staff Education Goes a Long Way in Preventing Security Issues

In a perfect world, keeping your antivirus updated and having a good firewall in place would be enough to protect your business from cybersecurity threats.

Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from Paypal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats are contained within.

Commonly, this leads to stolen sensitive information, installs malware on the device, or grants the hacker the ability to log into the user’s bank account.

While having strong IT security can reduce the number of phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from Paypal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’, then something is suspicious. There should also be a forward slash (/) after the .com. If the URL is something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after Paypal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email in the header. An email from Amazon wouldn’t come in as . Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link in the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.
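
The link check in step 1 can also be applied automatically, for example in a mail filter or a training quiz. The Python below is an added example, not part of the original post; the function name `classify_link` and the choice to pass in the domain the email claims to come from are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# The seven links from the list above, with the verdicts the post gives them.
PAGE_EXAMPLES = [
    ("paypal.com", "Safe"),
    ("paypal.com/activatecard", "Safe"),
    ("business.paypal.com", "Safe"),
    ("business.paypal.com/retail", "Safe"),
    ("paypal.com.activatecard.net", "Suspicious"),
    ("paypal.com.activatecard.net/secure", "Suspicious"),
    ("paypal.com/activatecard/tinyurl.com/retail", "Suspicious"),
]


def classify_link(url, trusted_domain):
    """Return 'Safe' or 'Suspicious' for a link claiming to belong to trusted_domain."""
    # Links copied from an email often lack a scheme; add one so that
    # urlsplit() places the host in .hostname instead of .path.
    if "://" not in url:
        url = "https://" + url
    try:
        parts = urlsplit(url)
    except ValueError:
        return "Suspicious"  # malformed link: treat as untrusted
    host = (parts.hostname or "").lower().rstrip(".")
    trusted = trusted_domain.lower()

    # The host must be the trusted domain itself or end in ".<trusted domain>".
    # The leading dot matters: "notpaypal.com" ends in "paypal.com" but is a
    # different domain, and "paypal.com.activatecard.net" belongs to
    # activatecard.net, because the text just before the first "/" decides.
    if host != trusted and not host.endswith("." + trusted):
        return "Suspicious"

    # The post's rule of thumb: don't trust dots after the domain. This is
    # deliberately conservative and also flags paths such as /index.html.
    if "." in parts.path:
        return "Suspicious"
    return "Safe"


def check_page_examples():
    """Return the examples whose computed verdict differs from the post's."""
    return [(u, v) for u, v in PAGE_EXAMPLES
            if classify_link(u, "paypal.com") != v]


if __name__ == "__main__":
    for link, _ in PAGE_EXAMPLES:
        print(f"{link:45} {classify_link(link, 'paypal.com')}")
```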

Phishing Simulation

Another great tactic is to run regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe) and randomly send them to your staff. When someone falls for the attack, we send them educational information to help them avoid being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employee’s already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at (202) 640-2737.
