There are criminals in all walks of life trying to get something for nothing. Criminals try and trick us with with social engineering methods by building trust, using fear tactics, emphasising a sense of urgency, engaging our greed, intimidation, appealing to our willingness to help amongst other strategies. Humans are the weakest link. Social engineering is essentially “Psychological manipulation of people into performing actions or divulging confidential information”. The most common method is phishing. The term comes from “fishing for information”, and generally involves receiving an email designed to trick you into giving up information. A TV episode “Your Computer Is Under Attack”(S02E02) from Bill Nye Saves the World discusses this and other CyberSecurity topics and I recommend you watch it.
CyberSecurity methods to protect myself and my business?
- If you suspect, even slightly, that it is a phishing attempt. do not reply or open any attachments;
- On emails and web sites look for typos, poor grammar, low quality graphics…in general things that look out of place. As scammers get more sophisticated so does their work;
- A misspelled domain is a strong indicator of phishing, a real domain isn’t a 100% indicator that it’s genuine. What’s wrong with apps.corp.te1eco.ca?;
- If someone contacts you saying the are from Microsoft, Google or any other business stating that your computer is infected and to install software to fix the problems ….HANG UP THE CALL;
- Use another communication channel such as a phone call or SMS text to verify with the sender if you feel the contact might be valid;
- If there is ANY doubt…ASK your IT professionals!
The most successful phishing attacks were disguised as something an employee was expecting, like an HR document, a shipping confirmation or a request to change a password that looked like it came from the IT department. Make sure to scrutinise any such emails before you download attachments or click on any included links, and use common sense. Did you actually order anything for which you’re expecting a confirmation? Did the email come from a store you don’t usually order supplies from? If so, it’s probably a phishing attempt. Be very careful when clicking on links in emails. The link might point to a scammers web site. Hover over the link (look at bottom of browser) to verify or just go to a web browser and type the web address as you know it.
The next and very important topic for CyberSecurity…PASSWORDS
Given the choice between security and convenience, people complain about security, and choose convenience. AND this is a WIN for criminals. Criminals work hard to steal databases that has your information. Most people reuse their email and password combinations for other things. So the attacker will start logging into all the other accounts they can, whether it’s to steal information, or money. This can all be done very quickly after a database is stolen. It’s usually months before the breach is known, by which point it’s already too late.
CyberSecurity Password Best Practices
- Train your staff. Send them a link to this article to start;
- You can not control another web site’s security. You have absolutely no control over how web sites store your password or protects their database. So you need to protect yourself instead;
- Long (15+) – longer is better;
- Random – do not use “dictionary” words. Most complex you can make it given web site rules;
- Unique – different password for EVERY account;
- Private – NEVER share;
- Do NOT use your business email for personal web sites. If you currently do use it, you will have to switch to a personal email address.
There is no way I can remember all those passwords!
You are correct. No normal person can. Your computer can quite easily. The solution is to use a “Password Manager” . Using a password manager is the single most effective thing you can do to enhance your security online. I use KeePass. Get is here.
- The most important feature of password managers is that they let you use a completely different password for everything, without having to worry about remembering it yourself;
- They will generate complex passwords for you;
- Switching from using the same password everywhere, to using a password manager, is reaaally annoying. It’s going to slow you down when you want to access websites;
- You are going to have to go to every place you have an account and change your password. It really is going to be a PAIN;
- But it gets much easier as you get used to it, and it is so much better in the long run;
- You should use a password manager for all your personal accounts too. (Amazon, banking, etc.);
- Use a strong master password for the password manager;
- DO NOT be complacent… Password Managers are not perfect….they are just much better than the current alternatives.
Are you worried that your passwords might be for sale on the dark web? We can help. We have access to to a service that will continually check for breaches.
If you are concerned about hackers penetrating your network, PCs or servers behind a firewall then you should look into a security appliance. Teleco offers rental or purchase of Watchguard’s Firebox.
Call our knowledgeable sales staff at 807-346-7264 or Contact us regarding your CyberSecurity questions.