Keep Your Business
of All Cyber Threats
Sign Up for Our Cyber Security Notifications
CITOC will never sell or share your personal information with anyone.You information is safe with us.
“In 2015, (the FBI) received over 8,000 complaints related to these threats with a combined reported loss of nearly $275 million.”
— FBI 2015 Internet Crime Report
Cybercrime is on the rise again. In the three-year span from 2013 to 2015, complaints rose 10 percent. It could be far worse than that, because, according to one Department of Justice estimate, only about 15 percent of fraud victims (Internet or otherwise) report crimes to law enforcement.
Ransomware: Pay Up or Lose Your Data
However, some high-visibility ransomware attacks have occurred, and according to the FBI, the threat is increasing. Ransomware typically infects the victim’s network through email. Once it gains entry, it encrypts everything on the network, and the criminals demand a ransom in return for the data decryption key. The FBI reports nearly 2,500 ransomware complaints, with losses of more than $1.6 million in 2015.
Phishing Season: Year-round on the Web
Two additional threats that will not go away soon are phishing and its offshoot, spear phishing. Regular phishing can be easier to spot because the email just looks strange. Unusual return email addresses, misspelled words, etc., are sure giveaways.
Spear phishers, on the other hand, know the victims’ names and their email addresses. They leverage personal information gleaned from social media platforms such as Facebook and LinkedIn. They are after credit cards, bank account numbers, passwords and financial information stored on the target’s PC.
Small Businesses Attacks: More Than Doubled Since 2011
Symantec reports that more than half of the spear phishing attacks on fake emails targeted small businesses. Quoted in an onlineGuardian piece, one cybersecurity expert, Sarah Green, observes that small business owners tend to become complacent. Says Green, “(They) may feel that they aren’t likely to be a target due to their size.” Hackers, Green continues, “couldn’t possibly be interested in what they (small businesses) do.”
The opposite, unfortunately, is the case, because small businesses:
As a percentage of all cyberattacks against businesses, in 2011, small businesses enjoyed a low profile — only 18 percent. During 2015, however, according to Small Business Trends, that percentage more than doubled, rising to 43 percent.
Shoring Up the Defenses: A Triad of Options
Hackers will undoubtedly continue to probe weak spots through phishing attacks. The PCI Security Standards Council recommends a three-pronged approach to protect against phishing attacks in 2016:
Promoting email Awareness Through:
Enforcing Website and Software Security Through:
Instituting Password Best Practices by:
Need Some Help?
CITOC is the trusted choice when it comes to staying ahead of the latest cybersecurity and information technology tips, tricks and news. Contact us at (713) 490-5000 or send us an email at firstname.lastname@example.org for more information.
These days, Internet scams and schemes have unfortunately become commonplace. As a result, it’s important to take measures to protect yourself and your personal information on the Web. When most people think of online security threats, they tend to think of malware, viruses and phishing of financial information. In recent years, however, a new type of online scheme has become increasingly common: ransomware.
What Is Ransomware?
Essentially, ransomware refers to an attack in which a hacker gains access to a person’s device (computer, tablet, smartphone, etc.) and the files on it. From there, the files on the device are locked and unable to be accessed by the victim until he or she pays a certain dollar amount. Usually, the money is demanded within a certain period of time (typically around 24 hours). Otherwise, the files will be permanently locked, or, in some cases, the entire device may even be wiped of its files and data.
What Can You Do About It?
Avoiding a ransomware situation requires extra vigilance on your part. As always, you should only download and open files if you trust the source from which they’re coming. If you haven’t done so already, now is a good time to install a firewall and security platform on both your personal and business devices, so the files can be scanned for potential malware before you open them.
Furthermore, taking the time to back up your data as often as possible will also help to ensure that you don’t become a victim of ransomware. Unfortunately, without regular backups of your data, you really have no reliable way to get your files back following a ransomware situation (aside from paying the demanded amount of money). However, if your information is always backed up, then you can keep your money and still not have to worry about your files being completely lost.
With any-sized business, having a reliable file backup service is a must. All of your business devices and their relevant files should be backed up on a daily basis as part of your information technology efforts.
Understanding the Growing Trend
Unfortunately, ransomware doesn’t seem to be going away any time soon. As long people aren’t backing up their files and other data, hackers will continue to utilize this method to make some quick cash. Some hackers will focus their efforts on individuals; whereas, others may even go as far as to attack businesses and other organizations in an effort to take larger sums of money for ransom. For example, one study found that some ransomware hackers have turned to attacking medical organizations, obtaining access to very personal patient information. More than ever, then, it’s important for businesses to begin to take the right IT measures to protect and back up their information.
What would happen if your company were to become a victim of a ransomware attack right now? Would you be at risk of losing a lot of valuable or even confidential information? If you’re not confident that your organization would be unaffected by such an attack, then it may be time to re-assess your security and IT systems.
CITOC is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (713) 490-5000 or send us an email at email@example.com for more information on how we can help you better protect your business from ransomware attacks and other security threats. Furthermore, you may want to do as I do, which is to back up your business data more frequently.
Hackers constantly look for new ways to spread viruses, but their favorite distribution method is one of the oldest: unsolicited email. A recent report from Kaspersky Lab revealed that malware spam continues to grow as Web browser security improves and makes it harder to infect computers via websites.
During the past year, the total quantity of unsolicited messages fell. However, the percentage containing virus attachments more than tripled. This greatly increases the likelihood that you or your employees will receive malicious communications in the near future.
Many harmful messages draw attention by focusing on terrorism and other events in the news. Some malware spammers have become more skillful in recent years. They personalize the information or try hard to make email appear as if it comes from legitimate organizations.
Kaspersky Labs reports that more and more email viruses install ransomware. When recipients open an attachment, this malware encrypts data on their PCs. It often proves difficult or impossible to recover the files without paying a “ransom” to hackers.
For example, one common email virus looks as if Microsoft sent it. The text claims that users can upgrade to Windows 10 by downloading an attachment. This file actually infects the recipient’s computer with ransomware and blocks access to every file on its hard drive, according to Fox.
Companies can protect their computers and data by educating office workers about safe Internet practices. Employees should learn to visit websites directly instead of using email links. They ought to carefully check messages for fake “from” addresses, unprofessional language and other suspicious attributes.
Businesses mustn’t rely on one-time trainings to warn staff members about Internet dangers. People eventually forget some of the advice, and viruses spread in different ways each year. Memos, newsletters and bulletin board notices can help keep employees informed.
A spam analysis expert at a major Internet security company recently said that “efforts to dupe victims are becoming more sophisticated year on year.” Consequently, it makes sense for office workers to contact the IT staff or a manager when they have any concerns about possible viruses.
Business owners and employees can sometimes avoid malware by using anti-virus utilities to scan files before opening them. However, such tools don’t succeed in detecting every virus. If in doubt, contact a sender by phone to confirm that he or she actually sent an attachment.
When sending messages to a group of staff members or contractors, always put their email addresses in the “bcc” field. Everyone can see all of the addresses under “cc” or “to”; if any recipient has a computer virus, it may gain access to the entire list.
Many commercial email services and programs let businesses activate and customize spam filters. You can stop malware from reaching inboxes by automatically returning messages sent from known spammers’ accounts. Consider blocking certain countries, IP addresses or domain names as well.
At the same time, be careful not to intercept normal correspondence. ReturnPath warns that filters block about one out of five legitimate messages people send to businesses. If you banish all email from an entire hosting or Internet service provider, this could discourage potential customers.
To sum it up, email-based viruses pose a growing threat that employers must take seriously. Filters, anti-virus programs and training can decrease the risk. Many business owners look to CITOC when they want to stay up to date on the latest IT strategies and news. Please call (713) 490-5000 or contact firstname.lastname@example.org to learn more.