Cyber-crime has often been regarded as something a teenager does from their bedroom or criminal individuals to disrupt businesses or for small gain. However, this is no longer the case anymore. Cyber-crime is a major part of organised crime and has now become so large scale that it is being run by gangs that are able to purchase tools cheaply to perform mass attacks on businesses. Mode looks at the most common forms of attacks and what we recommend for combating this.
Phishers: Phishing emails pose as emails from trustworthy companies, they could look like they have come from a trusted company you deal with or even a customer, asking for information or even urgent action like making a payment or confirming details from yourselves. As these cyber criminals are becoming more sophisticated and evolving their techniques now, more than ever, you must be wary of proceeding.
- The email address. Tap on the email address to see the full email address behind it. If it looks full of gobbledegook, then you will know this is a fake address. Also look for misspellings or additional characters in the email address.
- What details or payments are they asking you to make. If necessary, make a call to see if this is real.
Ransomware: this is where cyber criminals steal and encrypt your data and hold it to ransom until you exchange the release of that data for money.
Mobile Malware: A new sophisticated process where criminals are developing apps that look like games. Once downloaded this enables them access to steal your personal information.
What must SME’s do to help prevent cyber-criminal activity?
- Back up: Mitigate the risk and danger of attack by backing up all your data. Think about all your operational and financial data that is important to you and that is business critical.
- 2 factor Authentication: Consider having a password and a pin required (where this is sent by text) to be able to access software and emails. Strong passwords involving words as well as numbers and symbols will also help protection.
- IT Policy: create one to prevent attacks but do make sure that this is easy to read for your employees. Make it the Top 10 points of cyber security but make sure it covers:
- Acceptable usage of your systems
- Password policy
- Social media guidelines
- Network security
- Physical security
- Data protection
- Incident response
- Disaster recovery
- Finally, TEST: Staff training, simulated phishing emails, these will all educate employees and help highlight potential risk areas.
For more guidance on being Secure in print, contact Mode today