Hackers are Going Phishing for Your Money
When people talk about cybersecurity nowadays, there certainly seems to be a lot of emphasis put on phishing attacks and ransomware. This is for good reason. Not only can either of these attack vectors create significant difficulties for a business, they are often used in tandem. Let’s discuss why these threats are so potent, and why they so often show up together.
First, it will help to briefly review how each attack works.
How Ransomware Works
Imagine for a second the surprise you would have if you tried to log into your computer and you were presented with a message telling you that your files have been encrypted and that you need to pay $X in Bitcoin before the clock runs out or you will lose those files forever. Then you noticed the clock clicking down. Would you panic? You probably would. That is ransomware, a particularly ugly malware that could cost you everything.
How Phishing Works
Do you ever get emails that seem to come in randomly from the government, your bank, or your insurance company? Do they want you to take action now and provide links or attachments to make that possible? The truth is most professional organizations that you depend on will never want you using email to do anything other than verify your identity. That means that the emails you get that say you have to act now to avoid going to jail for owing money are as fraudulent as they seem.
These are phishing messages. They can come in through email, social media, or via SMS or phone call. Unfortunately for the modern user, they are constant, often sophisticated, and can be especially problematic if handled improperly.
Phishing + Ransomware = Major Trouble
Since today’s hackers can’t just hack their way into an account, they use social engineering tactics to do so. If they are able to expose their fraudulent message to someone that is less than vigilant, they may gain access to a computer (or worse yet a computing network), and then deploy their ransomware payload. Not a good situation for any individual; and, a major problem for any business. This is why it is essential that your staff understands phishing tactics and can spot fraudulent emails and messages when they come in. Let’s take a look at some telltale signs that you are dealing with a phishing message.
Phishing tactics are a lot more sophisticated than they were even a few short years ago, but they can’t do anything for the one variable that matters: legitimacy. Here are a few ways you can tell that you are dealing with a phishing attack.
● The details in the message are suspect - Many people don’t pay much attention to the email address an email is sent from, or if a word here or there, is misspelled. This is how phishing attacks get you. If you receive a message that has spelling or grammatical errors that you wouldn’t find in professional correspondence, you probably are dealing with a scam. You can also look at the email address itself or best yet, mouse over any links found in the text of the email. If it seems fishy, it’s probably phishing. Don’t click on it.
● The tone is desperate - One telltale sign that you are dealing with a phishing attack is that the message written to you seems urgent. No reputable financial institution or government entity is going to demand immediate action from an email.
● There’s a link or an attachment - Using phishing to deploy ransomware (or any kind of malware), you will typically see an attachment or be asked to follow links in the message. If you have any question of the validity of the message, don’t click on a link or open an attachment.
Cybersecurity is a constant process. If you would like help getting your staff trained or if you would like some information about other security tools you can use to keep your infrastructure and data safe, call the IT professionals at Jackson Thornton Technologies today at 334-834-7660.
Why Businesses Should Select a Hosted Email Solution
Email is easily one of the most commonly (and most often) used business tools there are, but as with any tool, some options are better than others. This week, we’re giving you some tips on how to best use email in your business by using hosted email.
As you might imagine, your criteria for a business email should differ from what the average private email user may consider.
A personal email account, or one that a private user would likely make use of, has a few standard qualities:
● Free to use
● Limited storage space and features
● Generic Domain, like gmail-dot-com or outlook-dot-com
This is all just fine for a private user, but for a business’ purposes, these options fall short. Limited storage space alone would make email far less convenient for the business in question, the lack of features could complicate business processes, and the generic URL renders your communications unrecognizable at first glance. While “free” can be hard to argue with, the costs that you’re trading for that price tag make this option a non-starter.
Instead, a business will need more control over its email platform, which has led to many hosting their own Exchange servers. While this option works, it is not without its assorted challenges, such as:
● A need for greater technical skill and experience
● A larger time investment for set up and maintenance
● An increased chance of significant downtime
● Spam filtering will cost extra in time and finances
● All responsibility belongs to the business for upkeep and updates
Any one of these issues would be extremely costly on its own, never mind combined. Fortunately, there is another option, one that pairs the benefits of a local email server with the advantages of cloud email.
Businesses now have enterprise-level hosted email solutions available to them that are commonly included in productivity suites. For example, both Google’s G Suite and Microsoft Office 365 have an enterprise-level email paired with each account. Utilizing these platforms can provide a plethora of benefits for your business, such as:
● No added infrastructure costs
● Scalable number of accounts
● No more email infrastructure management
● Unified billing
● Built-in productivity suites
● Built-in management and security
● No software licensing or maintenance
● Scalable storage
● Provided email backup
● Access from anywhere, at any time
Need a solid set of productivity solutions for a more business-friendly expense? Give our IT professionals a call at 334-834-7660 to discuss what Jackson Thornton Technologies can do for you.