<img src="https://ws.zoominfo.com/pixel/PMY3ZvbpZt27ywWwZSBB" width="1" height="1" style="display: none;">
IpadeBook-1

FEATURED RESOURCE

Remote Employees and Network Security

Working from home is not going anywhere. In fact, research shows that post-pandemic 42% of employees who worked strictly from a company-based location will not return to the office. Do you know how this will impact your business? Learn more about the tools needed to protect your client data and improve employee productivity.

swoop_right

Disasters are Prime Time for Cybercriminals—How to Think Ahead

Ben Potaracke
3 min read
Oct 2, 2017 10:00:00 AM
This post covers:Managed IT

Disasters and other big news events are “triggers” that move hackers to action.

Even before Hurricane Harvey’s wind died down, hackers already set up bogus charities to take advantage of people wanting to help the relief effort. Hackers even created websites and social media profiles to further their credibility.

Thinking ahead means understanding how hackers find their victims

Most people don’t know that cybercriminals are trend-watchers. They’re “dark marketers” paying attention to major current events.

News aggregate sites like RedditQuora, and Google Trends show current events state-by-state or nationally. These tools allow hackers to create phishing and phone scams related to those events.

Thinking ahead means never saying, “It won’t happen to us”

Cybercriminals consider small businesses low-hanging fruit and it’s why their attacks on small businesses keep increasing.

In spite of more robust security budgets, the big business also suffers under the weight of cybercrime.

Equifax, one of the largest credit reporting agencies in America, recently dropped a bombshell that millions of Americans on 143 million Americans that an authorized third party gained access to their customer’s names, dates of birth, Social Security numbers, addresses, and in some cases, credit card numbers. It was a major score for cybercriminals!

The street value of hacked emails is high. Profits are made by selling off SSNs and driver's licenses for as much as $20 a piece to other hackers. Multiply that times millions and hackers had a big payday!

Most likely the victims in the sale of Equifax “spoils” are already being contacted in phishing emails, phone, and other scams.

Emails are 90% of breaches and attacks—think ahead about training employees

Using Equifax as an example again, an attack could look like this. You receive a phishing email that appears to come from Equifax saying, “Your data has been compromised. Go ahead and click this link (or it may be an attachment) and we’ll be able to tell if you’re one of the 143 million who was impacted.” So, you click on the link and the hacker is in your system working its way to your sensitive data.

In a hacker phone scenario, the call might sound like this, “Hey this is Ben from Equifax and we’re doing a double-check to be sure your information is protected. But, first I’ll need to make sure it’s you. Can you give me your social security number and birthday?”

Other big news events like the death of a celebrity, a compelling human interest story, new disease breakthroughs, and holidays like Christmas are just a few of the many opportunities hackers take to enter your system. They just need “one” person in your company—it doesn’t matter what their position is to give them access. Once inside, a hacker can move laterally across your network.

It can’t be emphasized enough, training your employees on email security should be one of the first goals for hacker prevention.

If you’re considering managed IT services, Locknet Managed IT has an affordable product for employee training on internet security that has proven to be quite valuable to our small business customers. (Their employees really like it too.)

Think ahead to build the best line of security defense

Remember when your parents said don’t talk to strangers? The same advice goes for opening unfamiliar emails. Considering the sophistication of hackers, sorting out legitimate charities can be just as difficult.

Watch for indicators like:

  • Signs of a ‘sound-alike’ of a reputable charity.
  • Refusing to give information on how your donation will be used.
  • Having no proof of their tax-deductible status.
  • High-pressure tactics to push for your donation.
  • Asking for cash-only donations.
  • Offering guaranteed winnings in exchange for your contribution.

For verification, check with third parties like Charity Navigator or Guidestar to confirm that the charity you’re considering is legitimate. You can also see if they’re registered with your state through the National Association of State Charity Officials.

For Locknet, cybersecurity is personal

We couldn’t be happier to be part of Homeland Security’s efforts to get the word out on cybersecurity this month.

Most of the small businesses we serve are built by people who have a dream, put in the hard work, and provide excellent service to their customers. Thinking ahead of cybercriminals keeps their momentum going! It’s what we do.

swoop_left_top

Subscribe by Email