Due to the recent government shutdown, agencies responsible for repelling cyberattacks at a national level are inactive. The shutdown could not have come at a worse time as tax season is approaching. Nation-state and gang-related cybercriminals have moved into high gear to take advantage of this double whammy. EVAN’s clients have reported a marked increase in brute-force attacks, as well as information phishing and money transfer spoofing emails.
Businesses can protect key assets and decrease risk by following a few steps:
- Run software updates. These updates ensure the latest security risks are mitigated within the operating, antivirus, and application environments. Microsoft, Google, and Apple are working hard to repel attacks from cybercriminals.
- Turn on two-factor authentication for all web applications. Two-factor authentication requires the user to enter a number (usually sent via text) to complete the login process. While some users dread adding an extra step to the login process, it is usually impossible for a cybercriminal to intercept a numeric key sent via text. In the end, dealing with a hacked password costs more time and angst than performing a two-step login process.
- Do not click on email links—not even “unsubscribe” links. Cybercriminals will often send seemingly legitimate emails with malicious links, hoping the user will click before thinking twice. The most common request is to update a password or update critical information. In most cases, the links will download malicious software that infect the computer. Instead of clicking a link, just go to the website directly and perform the action requested.
- Do not respond to emails requesting changes in bank information, wiring instructions, or to send monies immediately. Cybercriminals are excellent at spoofing senior executive or supplier email addresses, sending requests to controllers or accounts payable clerks to redirect or send monies to the wrong bank accounts. These accounts belong to the cybercriminals and are usually offshore where the funds can never be recovered. Put policies and procedures in place to ensure all money handling requests are confirmed verbally.
Unfortunately, growing businesses are being targeted today more than ever. For more information or further help protecting your business, visit EVAN.help. The professionals at EVAN are happy to assess your current approach to technology and recommend steps toward a stronger and safer IT environment.
EVAN is more than just a great source of technology information; we have Master Certified Professionals waiting to meet your IT needs right now.