Phishing involves tricking a worker into giving away passwords, login details or other company information and is a common tactic used by hackers. Phishing attacks can be delivered via email, instant message, text message or even over the phone. Some even pop-up in a web browser, claiming the PC is under attack, with a number to call.
The aim of phishing is for the hacker, usually pretending to be a technical support worker, either from the company or a major IT vendor like Microsoft or Apple, to find out account access details. They claim your computer or an email account is insecure, and need the existing password or details to update a new, secure account.
Naturally, email phishing messages can be blocked at source with a good spam filter, while corporate firewalls and personal security software can manage the threat on the desktop or mobile device. However, some will still get through and only timely training for staff will help prevent them inadvertently giving away vital information.
Staff need to be taught what to look for, and what to be suspicious of. Increasingly these attacks look like genuine business emails or messages. However, key things to look out for are spelling mistakes in the text, and weblinks that do not match the site they claim to represent. Staff should never click on a link unless the are sure of the address it goes to. If they hold a cursor over most spam, scam or phishing links, even though they may say “www.microsoft.com/security” or similar in the text, the link will actually be some totally different location.
If your business lacks a dedicated IT security officer, we can provide computer support and features like Hosted Exchange for email that comes with a highly efficient scam and spam filter. We also offer offsite backup to help protect your business data, should a hacker ever break in and try to encrypt your essential data files and hold them for digital ransom.
Even with all this IT support and protection, ultimately, your staff, however well-intentioned, can easily be fooled into being the weakest link when it comes to security. So train them well in what to look for to minimise the risk. Nimbus CS can help you create the in house working practices you need to keep your company safe.
If you are interested in a free audit of your in house practices and your IT security please get in contact with Nimbus CS today.