What is Spear Phishing and How Can You Stop It

If you have spent any time online, you have probably seen your fair share of fraudulent emails. From free offers on the latest wonder drug to information about the newest miracle diet, these emailed come-ons are everywhere, and clicking on them could compromise your security, or even your identity.

These phishing attacks have been around for quite some time, so long that many users have learned how to tune them out. With so many online users deleting, or simply ignoring, these run-of-the-mill phishing emails, scam artists have ramped up their efforts even more, and the result is an emerging threat called spear phishing.

As the name implies, spear phishing is a form of phishing attack, but it is highly targeted and can be much harder to detect. Instead of sending out millions of identical emails touting the latest miracle diet, spear phishing attacks target a much smaller audience.

Using emails that appear to come from a reputable source, like an employer or trusted friend, these spear phishing attacks seek to evade spam filters and jaded internet users alike. Even savvy computer users have been fooled, and if you do not know what to look for, you could be the next victim.

One of the things that distinguishes spear phishing from its less sophisticated counterpart is its level of personalization. Instead of the standard Dear Sir or Dear Madam, the scammer on the other end of the spear phishing attack calls you by name. The attacker may even know where you work, or the names of people in your network.

That personalization can throw even the sophisticated user off guard and cause them to lay down their defenses. That is why it is so important to review any incoming messages carefully, looking for signs that the person or organization on the other end is not who they claim to be.

From obvious mistakes like spelling errors and grammatical problems to company logos that just do not look right, there are a number of things to watch out for. Users should also be wary if the message asks for personal information like account numbers of Social Security numbers - these are things that should never be sent via email.

Last but not least, if you have even the slightest suspicion that a genuine-looking email is actually a spear phishing attack, contact the supposed sender to verify its authenticity. You can never be too careful in this world of rampant identity theft, ransomware attacks and other online dangers.

As with any online threat, prevention is the best defense. Spear phishing scams often use the information people post online against them, creating convincing messages that can fool even the most vigilant. If you want to protect yourself, take a few minutes to review your online presence, including information you have already shared. Sharing your email address, or the email addresses of friends and family, online can be quite dangerous, as can revealing personal details, like pet names, birthdates and the names of your children. Since these details are often used as challenge questions and in online profiles, sharing them on social media could put you at risk and open you up to the threat of spear phishing.

Spear phishing is not going away any time soon, and the best defenses are vigilance and common sense. Be wary of requests coming in through email, watch what you share and trust your intuition. Think before you click, and use your own common sense to protect yourself, your identity and your data.

Robert Blake

www.bitxbit.com

800.860.5831 x190

Protecting Your Business from Data Breaches and Cyber Attacks

The world of technology has definitely revolutionized how business is done. While many businesses benefit from it, malicious individuals might be using the same technology to steal data. In the line of business, there have been many cases of cyber-attacks and breaches. Today, business security has to be heavily regulated under strict observations. With the right practices, you can obtain additional measures to protect your data from being compromised and stolen. Here are several practices and recommendations to consider.

Train Your Employees on Business Security

One of the best resources any business could have is the employee. Employees play the biggest part in keeping the business intact. If your goal is to protect business data, then training your employees on computer security can help keep the hackers and cyber-attackers away. If your employee were aware of risks, then they would be able to address them before they jeopardize the business. You can also alert your employees to the various types of malware that exist and which ones cause the worst problems for your system. It is also important for them to know that not every link or attachment in an email should be opened. By understanding even these small details, your business has a better chance of avoiding losing data to hackers.

Regularly Update Your Software

Keeping your systems and software up to date is a critical step in protecting your business data. When you install new versions of software, be sure they are set to automatically update when security patches are released. When you successfully and consistently keep your software updated to the latest versions, then your data is kept out of reach from cyber-attackers.

Use Strong Passwords

Business security means using safe and strong passwords that are difficult to guess. Hackers can employ bots to help decode and guess passwords. If you have a password that is easy to guess, then you are leaving the door open for hackers to access your accounts. Make sure they contain a mix of letters, numbers, and symbols. Keep your passwords stored in a secured account or folder so you can refer to them when needed. In addition, you can also use a password-generator website to set up a secure password for your accounts.

Invest in a Reliable Antivirus Program

Since technology has improved, there are programs available that can help you in your fight against hackers. Anti-virus programs continue to advance and develop in order to protect businesses against increasingly complex threats. If you have important data to protect, then make it a priority to have the most consistent antivirus program installed. Not only do they provide real-time protection, but they can alert you to potential risks before going to a website or opening a file.

Routinely Encrypt Your Data

Encryption is another way of keeping your data protected. End-to-end encryption allows you to communicate with clients without being exposed to risks or vulnerabilities. In addition, encryption can protect all data shared among employees, networks, and business partners.

Once you have these systems and practices in place, perform constant maintenance on your systems to ensure they are in running order. In addition, have your employees continue to research and stay updated on the latest security risks and practices. The hackers will constantly attempt to exploit new vulnerabilities, so it is important to stay a step ahead of time. By staying vigilant and continuing to invest in the latest security practices, you can keep your business data protected for a long time.

Robert Blake

Bit by Bit website

877.860.5831 x190

How To Stay Safe from WannaCry and Other Online Threats

 If you follow the news, chances are, you've heard about the latest ransomware attack, named WannaCry, that has infected thousands of computers worldwide. While it is still spreading to personal devices and to offices, there are some simple things to keep in mind if you want to stay safe.

Ransomware works by exploiting a vulnerability in your operating system (mostly Windows) and it encrypts your files. The victim is then asked to pay a ransom ($300 worth of Bitcoin) to get their files unencrypted. This situation is avoidable with some precautions while browsing and downloading files from the internet.

Update your Operating System

If you're on an older version of Windows (XP and Win 8), you should immediately upgrade to the latest version of Windows 10 to stay safe from WannaCry. For those of you that are using the latest Windows OS, make sure that your system is up-to-date and you will not be vulnerable to this attack. Since this attack spreads through the internet, it would be wise to avoid spammy-looking emails asking you to open or click on a link. Emails containing download links should not be clicked unless it's from a trusted source. If you have disabled automatic updates on Windows, head over to your control panel and switch it on.

Download and install a ransomware blocker

After you've updated your system, chances are that you won't be a victim of WannaCry. To protect your system from further attacks like this, check whether your antivirus has a dedicated ransomware blocking feature. There are some free software like Malwarebytes Anti-Ransomware and CybereasonRansomfree that you can download to protect your PC. This will monitor your incoming and outgoing internet traffic for possible signs of malware and will alert you of any suspicious activity under the hood. After this, set your browser mode to "HTTPS only." This ensures that all the traffic between your computer and the website you visit is encrypted.

Backup your data

There are two options to consider while backing up your documents and media. You could backup your personal and important files on an external hard disc. Copying data would not take more than an hour and a weekly backup is highly recommended. If ever your device gets infected by WannaCry, or your OS crashes, you won't have to fret over lost data. Besides the regular hard disc backup, you can use cloud services like DropBox and Google Drive to safely store your files. Use two-factor-authentication for login to these web services. While they're highly secure portals to store your digital files, it would be best to use an app like Google Authenticator to add an extra layer of security.

What about my mobile devices?

As of now, WannaCry seems to be spreading on Windows specific devices. Nevertheless, if you have an Android, iOS or Windows phone, be careful while browsing and downloading attachments. Only install software and mobile applications from trusted sources that you can rely on.

With these things in mind, you should be safe from every type of online attack like WannaCry. Inform your colleagues and family members on the importance of doing regular backups and downloading files only from trusted sources online. WannaCry is known to spread through computer networks, so a collective awareness is needed to ensure that the hackers don't get their way.

Robert Blake

www.bitxbit.com

800.860.5831 x190

#Ransomware stat 10: 48% of IT pros report ciritical data loss for an #SMB due to ransomware https://datto.amp.vg/pb/d5udzvkr5udu0