Tuesday, December 13, 2016

What Encryption Can Do for Your Business

Your business doesn't have to handle top secret government files to need encryption.  You have a responsibility to your customers, vendors, stakeholders, and employees to keep their data safe, and you need to protect your business information from competitors.  To maintain your reputation, the people you do business with must have confidence in your ability to keep data secure and use it wisely. 

Consider all the ways encryption can protect you from loss of business and reputation:

Neutralize Hackers
Encryption can prevent the use of your information by hackers.  Even if they get into to your network, they won't be able to use the information they find if it is encrypted.

Note that encryption cannot prevent access like a firewall can, but by rendering your data useless to prying eyes, it can eliminate the use of stolen data by hackers.

 
Protect External Drives
If your company backs up data on external hard drives, that means information that you store is neatly packaged for an enterprising thief.  You could be subject to theft of those drives.  This includes USB devices. 

Encryption makes it impossible to read your data, so a compromised external drive will not harm your company.

Secure Internal Hard Drives

The drives in your computers are some of the most vulnerable access points in your entire information network.  Hackers can come in through email accounts or your internet connection and get directly into your hard drives. This makes any information a user has stored vulnerable to theft. 

Encryption can secure information while it is being stored.  This process is automatic, so that the user doesn't have to remember do it.  Such encryption provides timely protection as data is created.

Make Cloud Storage Safer
Storing data in the cloud presents some problems.  One of the most dangerous situations is sharing cloud storage space with other firms.  Any hacker who gets into other companies' data on a shared cloud server has access to your information.

Encryption is your best line of defense to these "back door" cloud hackers.  Your information remains unreadable, and hackers may move on to less vigilant prey.

Some cloud storage services have decryption keys, and if those are stolen, your information may be read by intruders.  This mean you shouldn't rely entirely on the cloud service's encryption.  You can add an extra layer of encryption on your own to help protect your stored data from stolen decryption keys.

Hide Internet Traffic

Using public internet access for laptops makes your data vulnerable.  The same applies to remote employees who use their home Wi-Fi connections. 

A virtual private network (VPN) encrypts all communications to and from a laptop.  The network is protected.  Requiring a VPN connection for all employees helps lock out criminals who use the internet to attack companies.

Guard Email

Email can be the biggest leak in your security system.  Employees may send sensitive information through emails, and if this information is intercepted, your company and your customers could be at risk.

Secure email applications can protect email communications not only while they are being sent, but also while they sit in inboxes. You receive an added benefit, because encryption means unauthorized recipients, such as friends and acquaintances of employees, will not be able to read company email.

Lock Lost Devices
Half of data breaches come from lost or stolen USB drives, laptops, phones, and tablets. Not only should you make sure that each of these devices is password-protected, but you also should have employees use encryption applications for sending, receiving, and storing data.

Neutralizing Employee Mistakes
Employees may grant access to a file by attaching it or giving a link to a non-employee.  Encryption will nullify the effect of this error.

Safeguarding File Transfers
When you send files through a file transfer service, data thieves can intercept them in transit.  Even a secured network can be vulnerable. Encrypting files before you send them ensures that if they are stolen, they will be unreadable.

Encryption technology is readily available and relatively inexpensive, especially when you compare the price of encryption to the cost of lost data and lost business due to thieves or error.   All businesses today have some kind of internet vulnerability, and enterprising data thieves are always seeking new access points to steal your data.  Make sure that if they get into your network or devices, the data they retrieve will be rendered useless by encryption.
 
if you would like to know more about how Bit by Bit can help please call us at 877.860.5831 x190 or email.

 

Monday, November 14, 2016

5 Signs You Need IT Consulting

With all the changes the world of technology is going through, it can be very difficult to stay on top of your business IT needs while effectively managing a team of employees. If you struggle with managing equipment and managing staff and you experience the following signs, it may be time to consider IT consulting.  

 

1. There's never enough time to manage staff - Are you always telling staff you'll get back to them later, or staying extra hours just to get things done? Does it feel like there are cohesion problems on your team because everyone is always waiting around for your input? All of these problems can be solved by outsourcing the IT to consultants. 

 

2. You have a knowledge gap - In the current cyber security landscape, threats and best practices seem to change every day. Many business IT professionals feel the need to constantly improve their skills to be competitive or simply fulfill the roles for which they were hired. By bringing in a consultant, you can access high-level knowledge you do not have. 

 

3. Your legacy equipment costs too much to maintain - If you're stuck with old equipment that's expensive to repair or replace, a consultant can help you save money. Look to an IT consultant to reduce your expenses through bundling, switching service providers, changing workflows, or leveraging economies of scale. In the long run, the expense of investing in consulting is more than worth it for what you'll save. 


4. Your productivity has dropped - When you are multitasking between managing people and troubleshooting equipment, your productivity naturally decreases. If you feel like you never get done the things you need to do, consulting can help you free up time to devote to pet projects. If you feel like there aren't enough hours in the day, free up time by using IT consulting services. 

 

5. You're not competing with your peers - If your company isn't competitive with peers, you will lose clients to them. An IT consultant can help you solve known problems to increase your competitive advantage over peers, retain clients, and grow the business. 

 

 If these signs sound familiar, begin screening IT consultants near you who have demonstrated expertise working with businesses in your industry. With IT consulting help, you can stop wishing things were better and do something about it.
 
Bit by Bit can help you evaluate your needs, if you would like to discuss your needs in more detail, please contact us at 877.860.5831 x190 or email

Tuesday, October 25, 2016

What To Do If Your Computer or Device is Infected With Ransomware

Ransomware is an increasingly common form of malicious software that can block access to computers, devices, specific files and sometimes cloud storage. Cybercriminals use ransomware to extort money from their victims. Once a computer or device has been infected with ransomware, cybercriminals demand payment to restore access to their device. Payment is usually requested in the form of anonymous currency, such as Bitcoin, but some victims have been ordered to make cash drops in public locations. If your computer or device has been infected by ransomware, you need to take swift action to minimize the damage.

Disconnect All Devices

The first thing you need to do when you discover a ransomware infection is to prevent it from spreading to other devices sharing the same network. Disconnect the infected computer or device from the Internet, all networks and any connected devices as soon as possible, remembering to turn off Wi-Fi, Bluetooth and any other connections. If possible, turn your device off, as this may interrupt the ransomware attack before it can be fully executed.

Report the Attack

Social media, websites and forums can provide useful information about specific types of ransomware and how to remove it. Several Facebook groups, Twitter hashtags and forums have been set up by members of the public to help stop the spread of malware. Reporting ransomware and other malicious software attacks through social media and forums enables these anti-malware groups to gain more insight into the current techniques used by cybercriminals.

Remove the Infection

Ransomware removal is not always possible, as cybercriminals are continually finding new ways to prevent the detection and removal of malware. However, some types of ransomware can be removed using tools offered online. For example, Trend Micro, a security software company, provides a Ransomware Screen Unlock Tool, which can help users to regain access to locked computers and devices. Other security companies offer similar tools and file decryption software that can be used to regain access to specific files.

Wipe Your Device

If the ransomware removal tools don't work, your best option may be to wipe your device and reinstall your operating system. While this means you will lose any unsaved data, it may be possible to restore files from previous backups that were automatically performed by your operating system or security software. Check the help files or online literature associated with your operating system, security program and backup software to see if you can salvage your data.


Unfortunately, it's not always possible to remove a ransomware infection, particularly when it comes to the more recent versions. However, while you may not be able to salvage your unsaved data, you should be able to wipe your device and start again with a clean system. If you have important data that you don't want to lose, it can be tempting to pay the ransom, but there is no guarantee that the cybercriminals will return access to your device. Therefore, most security experts advise against making payments.


If you would like to learn more about how to protect your systems from Ransomware and other failures. Please contact us at 877.860.5831 x109

Robert Blake
The Backup Guy

Bit by Bit Computer Consulting

Monday, October 3, 2016

Cloud Computing: An Overview of SaaS, IaaS and PaaS


Cloud computing has been a revolution for technology. "Cloud" itself has become a broad term, but the services it provides can generally be summed up into three distinct categories: Software as a Service, Infrastructure as a Service, and Platform as a Service. Gaining an understanding of these subsets of cloud computing is essential for businesses and organizations who wish to utilize the benefits of this progressive technology.

Software as a Service (SaaS) provides a user access to software via a cloud platform. This is an increasingly popular model of selling and distributing software, effectively overhauling box sales. SaaS creates software on demand, and users will often pay for a license for a period of time, rather than a one-time buy. This can make using the software incredibly cost-effective. While a purchaser of boxed-software may have found it necessary to buy new models in past, SaaS generally will include any updates as they are released, without the need to enter into a new license. Similarly, SaaS allows the creator to distribute updates to all of its consumers immediately, allowing their product to remain cutting-edge. Of course, this also forces the consumer to abide by these updates, as it is frequent that software offered this way will not be covered under a service level agreement unless it is up to date. For enterprises, SaaS greatly outweighs its boxed counterpart in terms of scalability and accessibility. Software provided over the Internet gains the ability to be licensed to different machines on-demand. Consumers who need to purchase more licenses will be able to do so seamlessly.

Infrastructure as a Service (IaaS) creates a shared environment within a company. IaaS requires an enterprise to have the technical knowledge to maintain a quality service. IaaS may be represented in any fashion which infrastructure is distributed amongst a company in a virtualized environment. Private cloud hosting, virtual data centers, and virtual private servers are poignant examples of IaaS. The usage of some form of IaaS is, of course, extremely common within enterprises, and represents the modernization of business structure and computing. The major downsides of IaaS surround the actual deployment of the model. Migrating to IaaS is usually incrediblly capital-intensive, and not easy for companies which do not have the resources to deploy. Furthermore, while IaaS may provide a level of scalability within a company's quarters, scaling beyond this region (e.g., to a new geographic location) may prove difficult.

A Platform as a Service (PaaS) is also hosted over the cloud but are services primarily accessible through the user's web browser. PaaS provides an easy to set-up, special-purpose environment for business customers. The focus of PaaS is to allow its users, generally within a business environment, to create and grow their services over the Internet. PaaS is frequently used by developers as a convenient and characteristic environment. Similar to IaaS, PaaS can decrease overhead costs significantly, as having the entire platform available across machines and updatable on demand diminishes redundancy and is less resource-intensive to maintain. PaaS may furthermore be a good solution for business with complex needs, but a less capable IT department. However, this can also be a drawback, as the customer may find PaaS as less customizable. Entering into an agreement with a PaaS provider puts a great deal of control outside of the business itself. Furthermore, should a company decide their PaaS is no longer effective for their needs, migrating away from it may prove difficult and nuanced.

Encompassing these advantages and disadvantages of cloud integration is the need for its users to gain a greater understanding of the technology. The cloud is a natural evolution for sharing and storing data. While efficiency and simplification may be the target of implementation, nuances surrounding the cloud prove to be anything but simple. A sufficient understanding of the technology and a proactive, thoughtful approach to utilizing it in both business and personal life may prove to be as necessary as learning to use the Internet itself, as generations before found themselves required to do.

Cloud computing has been a revolution for technology. "Cloud" itself has become a broad term, but the services it provides can generally be summed up into three distinct categories: Software as a Service, Infrastructure as a Service, and Platform as a Service. Gaining an understanding of these subsets of cloud computing is essential for businesses and organizations who wish to utilize the benefits of this progressive technology.

Software as a Service (SaaS) provides a user access to software via a cloud platform. This is an increasingly popular model of selling and distributing software, effectively overhauling box sales. SaaS creates software on demand, and users will often pay for a license for a period of time, rather than a one-time buy. This can make using the software incredibly cost-effective. While a purchaser of boxed-software may have found it necessary to buy new models in past, SaaS generally will include any updates as they are released, without the need to enter into a new license. Similarly, SaaS allows the creator to distribute updates to all of its consumers immediately, allowing their product to remain cutting-edge. Of course, this also forces the consumer to abide by these updates, as it is frequent that software offered this way will not be covered under a service level agreement unless it is up to date. For enterprises, SaaS greatly outweighs its boxed counterpart in terms of scalability and accessibility. Software provided over the Internet gains the ability to be licensed to different machines on-demand. Consumers who need to purchase more licenses will be able to do so seamlessly.

Infrastructure as a Service (IaaS) creates a shared environment within a company. IaaS requires an enterprise to have the technical knowledge to maintain a quality service. IaaS may be represented in any fashion which infrastructure is distributed amongst a company in a virtualized environment. Private cloud hosting, virtual data centers, and virtual private servers are poignant examples of IaaS. The usage of some form of IaaS is, of course, extremely common within enterprises, and represents the modernization of business structure and computing. The major downsides of IaaS surround the actual deployment of the model. Migrating to IaaS is usually incrediblly capital-intensive, and not easy for companies which do not have the resources to deploy. Furthermore, while IaaS may provide a level of scalability within a company's quarters, scaling beyond this region (e.g., to a new geographic location) may prove difficult.

A Platform as a Service (PaaS) is also hosted over the cloud but are services primarily accessible through the user's web browser. PaaS provides an easy to set-up, special-purpose environment for business customers. The focus of PaaS is to allow its users, generally within a business environment, to create and grow their services over the Internet. PaaS is frequently used by developers as a convenient and characteristic environment. Similar to IaaS, PaaS can decrease overhead costs significantly, as having the entire platform available across machines and updatable on demand diminishes redundancy and is less resource-intensive to maintain. PaaS may furthermore be a good solution for business with complex needs, but a less capable IT department. However, this can also be a drawback, as the customer may find PaaS as less customizable. Entering into an agreement with a PaaS provider puts a great deal of control outside of the business itself. Furthermore, should a company decide their PaaS is no longer effective for their needs, migrating away from it may prove difficult and nuanced.

Encompassing these advantages and disadvantages of cloud integration is the need for its users to gain a greater understanding of the technology. The cloud is a natural evolution for sharing and storing data. While efficiency and simplification may be the target of implementation, nuances surrounding the cloud prove to be anything but simple. A sufficient understanding of the technology and a proactive, thoughtful approach to utilizing it in both business and personal life may prove to be as necessary as learning to use the Internet itself, as generations before found themselves required to do.

Robert Blake
877.860.5831 x190


Thursday, September 22, 2016

FW: Breaking News: Yahoo said 500 million accounts were hacked in 2014, possibly by a "state-sponsored actor." It urged users to review their accounts.





BREAKING NEWS

Thursday, September 22, 2016 3:05 PM EDT

In a statement, Yahoo said user information — including names, email addresses, telephone numbers, birth dates, passwords and in some cases security questions — was compromised in 2014 by what it believed was a "state-sponsored actor." It did not name the country involved.
The company said it was working with law enforcement officials, and resetting passwords and security questions. It encouraged users to review their online accounts for suspicious activity and to watch out for suspicious emails.

Wednesday, September 7, 2016

3 Backup Strategies You Should Consider for Your Home and Small Business

Backing up your home or small business data has never been more important, or easier. Long gone are the days when just the thought of backing up your data was a headache. With today's technology, finding and implementing the backup strategy best for you is easier than ever. While any backup strategy can be made to fit, some fit better than others. With a little forethought and planning, you can have a fully working backup solution in place before you lose that important file forever.

There are three basic backup strategies suitable for the home or small business: same machine, external drive, and cloud based. While these aren't the only solutions available, they are the ones most suited to smaller environments and they can be robust enough to scale up significantly.

1 Same Machine

Same machine backup is the easiest backup system to implement. Using space on your current hard drive you can create a local backup to another drive or partition. While the ease and cost of this method can be enticing, it offers the least flexibility from all three options and is the most likely to cause problems. Most operating systems come with a built-in backup tool, but others can be downloaded for little to no cost. Setting a same machine backup can be as simple as choosing a source and destination directory, even on the same drive. This kind of backup can be useful for recovering overwritten files, but if data loss occurs due to a hardware fault or theft, you are left with nothing. It would be considered the least appealing alternative of the three options.

PROS

  • Costs nothing 
  • Doesn't rely on an internet connection 

CONS

  • Data is still lost after hardware fault or theft 
  • Can only access backup from the same machine 


2 External Drive

Everybody has a thumb drive, right? All jokes aside, any external USB drive can be used to make a copy of files for safe keeping. Backup software works just as well with external drives, but now you have the added benefit of removing the backup and taking it elsewhere. External drives are now large enough and cheap enough to store huge quantities of data. While these drives can fail or be lost, you would still have your original files to continue working. Using multiple external drives has become a common method to make cheap, long-lasting backups. Hardware failures can happen, though, so it's important to routinely test external drives for any faults. While there is nothing wrong with using external storage for a backup, it only offers a basic backup functionality.

PROS

  • External drives are cheap 
  • Can move the backup to another location 
  • Doesn't rely on an internet connection 


CONS
  • External drives can develop hardware faults 
  • Requires you to have the drive with you if you ever need to do a restore 


3 Cloud

Unless you've been living under a rock, you've heard, seen, and been schmoozed with promises of the cloud! The good news is when it comes to a home or small business backup solution, the cloud really can deliver. Before going any further, it is important to mention there are two main types of cloud backup services offered and while their functionality crosses over quite a bit, they both offer a different enough service that you should think carefully what it is you need before choosing one.

The first type of service is purely for backup purposes. After downloading the program, you create an account, select folders on your computer, and everything in those folders is automatically uploaded to cloud storage. You will be able to log onto your account anywhere in the world and access those files, but any changes made won't automatically be reflected on the original PC. Some cloud service providers do offer additional software to perform this task. There are numerous cloud services that offer this kind of backup solution. Carbonite and ElephantDrive both offer free basic plans for personal use.

The second type of cloud service is sync and storage. Once the software is installed, the service will create a basic folder on your computer. Everything inside this folder is uploaded to the cloud where it is then synced across any other devices with the same account. This is perfect for anyone that wants to work on a file at home, then pick up again from another device. Every time a change is made to a file it will be updated in the cloud and synced across all devices. Like the backup services, there are plenty of contenders when it comes to the sync and storage providers. Dropbox, Google Drive, and Microsoft's own OneDrive are three of the more popular service providers who offer free plans.

PROS

  • Backups are stored offsite in the cloud 
  • Always accessible with an internet connection 
  • Files are automatically backed up as you work on them 
  • Basic cloud services are often free 
  • Able to access files from anywhere with an internet connection through multiple devices 
  • Files can be worked on from multiple machines without having to send copies 
  • Most cloud services will store multiple versions of each file allowing you to choose to restore an older version 

CONS

  • Require an internet connection 
  • Might need to upgrade subscription for large amounts of space 
  • Sync and storage service operates from a single main folder 


Which one do you use? The first thing you need to do is figure out what system of backup will be most beneficial. Do you want to have a central folder of documents you can work on between different machines without having to e-mail them back and forth? A sync and storage cloud service would work well here. On the other hand, you might need to archive large video files that you don't want syncing to every computer you use. In this case, an external drive or backup cloud service would be a better fit. It should be mentioned that cloud services are all the rage for very good reason. With growing bandwidth capacity and the luxury to log into your account from the other side of the world and take control of your data, these services offer tremendous value and convenience.

As always, you should think carefully about what you need from a service first and foremost before implementing the solution.

Just make sure you implement something!

For more information or help implementing a solution for your business, contact us at 877.860.5831 or www.bitxbit.com

Robert Blake
877.860.5831 x190

Monday, July 11, 2016

Three Must-Haves for Your Network's Firewall

Given the amount of confidential data that flows in and out of a business, having secure and robust network protection is crucial. But considering that every business has its own specific requirements, such as scalability, affordability, and flexibility, selecting the right firewall is no simple task. However, there are aspects that every next generation firewall should have, and three of these are listed below.

Advanced Evasion Techniques Protection 

Advanced evasion techniques are known for their ability to penetrate, exploit, or circumvent multiple layers of network security. They are especially harmful because they can appear to behave like normal activity to a less complex security solution. But a firewall with advanced malware prevention technology lets any and all traffic be inspected, allowing for multi-level and full-scale monitoring and analysis that does not compete with normal network performance and operations.

High Availability and Failover Capabilities  

Every network has its periods of scheduled and unscheduled downtime. If your firewall has high availability and failover capabilities, these downtimes can appear almost seamless to the end user. On the network side, data is protected while applications routinely undergo updates and maintenance.

User and Application Control

Although having a few minutes to browse the web can actually help with productivity, being able to create and apply policies that protect your data, applications, and hardware is a necessary safeguard. With user and application control, you can specify user identities, roles, and domain names. Additionally, you can generate reports to review activities and keep data safe and secure for the benefit of all stakeholders.

The Need for Network Protection

The necessity of a secure network protection should be the impetus for you to invest in a next-generation firewall. Not only will it increase your business' resiliency and data availability, but it can also reduce the costs of unscheduled downtime and critical issue resolution. If you are debating which features to have in your firewall, consider the three above so that your data, clients, and business demands are protected from threats and intrusions.



Robert Blake
Bit by Bit Computer Consultants
721 N Fielder Rd. #B
Arlington, Texas 76012
Direct 817.505.1257
877.860.5831 x190

Wednesday, June 29, 2016

A Complete Guide to Protecting Against Phishing Emails

The term "phishing" refers to fraudulent methods of obtaining personal information. There are a number of phishing methods that fraudsters employ, the most common being by email. Phishing emails are designed to look as though they come from legitimate companies, often banks and credit card companies, with the aim of tricking you into entering personal information such as:

  • Online bank details 
  • User names 
  • Passwords 
  • Personal Identification Numbers 
  • Social Security Numbers 


Phishing emails often look very realistic at first glance; they can contain perfectly duplicated logos and even some genuine links to the company's website in an attempt to further convince you that the communication is real. However, the link you click on to enter information will take you to an imitation website (known as a "pharming" website) or pop-up window, and you'll send all your sensitive information and passwords straight into the hands of cyber-criminals. You'll often see scare tactics used with phishing emails, stating that an account will be closed unless information is updated, or that there has been unauthorized access to one of your accounts so a password change is required. Once you click on the link and enter the information the criminals have it all - this one mistake could end up costing you months of heartache and frustration, thousands of dollars and your good credit. High-profile financial institutions such as Amazon, PayPal, and eBay have historically been prime targets of phishing scams. Recently however, social networks have also been targeted with phishing emails purporting to be from Facebook, Whatsapp and Google Plus; these mostly contain malicious links to gain access to your contacts list for spamming purposes.

Phishing is generally thought of as a modern phenomenon; in fact, the first successful phishing scams were undertaken during the early days of the internet. There's a reason they're still around today and getting more sophisticated - unfortunately they're big earners for criminals. Statistics indicate that over half of internet users get at least one phishing email per day; that's over 100 billion spam emails sent around the world every day! The Anti-Phishing Working Group estimate that around 5% of adults within the United States are tricked into responding to scam emails, costing over five hundred million dollars per year.
It's not just individuals who are targeted; companies both large and small have also fallen prey to phishing emails, leading to huge data breaches and devastating financial consequences. Luckily there's steps you can take to avoid being scammed. Read on for essential tips to protect yourself and your private information.


#1 Recognize common characteristics of scam emails

Phishing emails tend to share some common characteristics that can help you identify them. These aren't conclusive though, so further investigation will be required. Look out for:
Generic greeting - If the email starts with Dear Customer or Dear Sir/Madam, this should be an immediate red flag. Most high-profile businesses will personalize emails with names and account numbers.

Poor grammar and spelling - phishing emails usually contain multiple spelling and grammatical errors.

Alarming - Phishing emails will try to shock you into taking immediate action by telling you your account or password has been compromised, or that your account will be suspended if something isn't done.

Unknown Sender - never click on a link or download files or attachments from an unknown source. They could contain viruses or other malware.
A company you've never done business with - phishing emails are sent to thousands of people, in the hopes that a few will fall for it - so if you receive an email asking you to reset a password for a company you've never dealt with, it's a scam.


#2 Never click on an email link to enter sensitive information

Always go to your bank's website to enter information or update passwords. Don't follow any links provided in an email - type the URL for the website you want to visit into the search bar or use a bookmark that you have previously created. Banks and other financial companies will never ask you to enter personal information through an email; they will always ask you to log in on their secure website.

#3 Exercise extreme caution with pop-up windows

Pop-up windows can appear to be part of a trusted website, but there's no way to tell if it's been maliciously installed by someone else. Never enter any personal details into a pop-up window. If one appears unexpectedly, click the cross in the top left corner to close it immediately - do not click anything else, as this can trigger the installation of malware or viruses.

#4 Hover your mouse over links to check they're genuine

The only links you should click on are on trusted websites or links that you're expecting, such as a confirmation link. Even then, you should check they're genuine as they can be spoofed. This can be done by simply hovering your cursor over the link.

#5 Check websites are secure before entering any details

Is "https://" visible in the website's address bar with a green padlock? The "s" at the end of http means secure, and along with the padlock reassures you that information you send is protected and only visible to those meant to see it. However, these can be imitated so click on the green padlock to view the security certificate and ensure it correlates to the site you want to visit. If the name on the security certificate is different, don't enter any information and exit the site. Contact the company directly if you can't verify this certificate.

#6 Install firewalls on your computer and ensure all anti-virus and malware protection are kept up to date

Firewalls and strong anti-virus program are your first line of protection in the fight against phishing attacks. For maximum protection use both a network firewall and a desktop firewall. These defend your computer and network from possible intrusion. Keep all hardware, software and web browsers fully updated for full protection.

#7 Use your web browser to help identify fraudulent websites

Most well-known browsers have the ability to block fake websites which may be trying to extract your personal information, or infect your device with malware. There's different ways to enable this protection, depending on which browser you use -

Google Chrome - Click on "Preferences" then "Show Advanced Settings" (at the bottom of the page.) Within the Privacy section you'll see a box marked "protect you and your device from dangerous sites" - check this box. You'll now get an immediate warning if you accidentally try to enter a dangerous website.

Safari: Within your "Preferences" section, under "Security," select the box marked "fraudulent sites - warn me when visiting a fraudulent site"

Firefox: Click on "Preferences" then "Privacy" and "Security." You'll notice a box marked "warn when visiting a fraudulent site" - check this box. You should also check the box marked "block reported web forgeries."

It's important to keep your browser updated, as vital security patches and bug fixes that are essential for keeping you safe from hackers are often contained within updates.

#8 Never email personal information to anyone without PGP

Even if you know and trust the person you're sending it to, emailing unencrypted personal information isn't a good idea. You have no way of knowing your information is 100% safe once you hit the send button. If there's no way to avoid using email, ensure you are both using PGP encryption. This encrypts the information using a public and a private key, meaning only the recipient can decrypt it.

#9 Check privacy policies

Before you sign up to a website, check their privacy policy. If they state that they sell user's details, think again before signing up. Your email address could end up in the hands of spammers and phishers.

#10 If you have any doubts about emails you've received, call the company in question

If you receive emails asking you to take actions that you aren't sure about, call the company and ask. They'll be able to tell you whether the communication is genuine. Don't use contact numbers provided on the email; either go to the company's website to obtain the number or use one you have previously stored.

#11 Check bank statements regularly

Check bank statements and online banking records regularly for suspicious transactions - if you've been a victim of fraud, you'll notice it. If you see any transactions you aren't familiar with, contact your bank. They'll be able to block any further transactions immediately.

Email phishing scams are increasingly harder to detect and can end up having long-lasting consequences for their victims. Pay close attention whenever an email asks for personal information, especially if it appears to be from a financial institution, such as your bank or credit card company; they will never ask for your information in this way.


  • Look out for immediate red flags - a generic greeting, along with poor spelling and demands for immediate action are clear indications it's a scam. 
  • Ensure you're fully protected with firewalls and software, with anti-spam, malware and spyware software. It's essential to keep these up to date for full protection. 


  • Your web browser should also be updated regularly. Be aware of where you are entering information - make sure the website is secure and the security certificate is legitimate. 


  • It's also a good idea to be aware of what your email address will be used for when you sign up for a service - personal details are often sold on, resulting in you receiving increased amounts of spam and phishing emails. 


  • It's always a good idea to contact the company directly if you're unsure whether an email you've received legitimate and contact your bank straight away if you notice the slightest financial irregularity. 


All it takes is a little knowledge, planning and awareness to stay one step ahead of the phishers, and keep your bank accounts and information protected.