Defending an organisation against cyberattacks isn’t simply the responsibility of the IT team (if there is one) or the people in charge – it’s the responsibility of every employee. Before a cyberattacker can get their hands on data, employee information or money, they have to get through you. You have the power to stop these attacks. Here are 5 security tips to live by:
1. Pay attention! It doesn’t take a technical genius to carry out a cyber attack. They just need to access basic data, usually available to the public online. Next time you get an email from whoever at whatever bank requesting employee details of any kind, stop. Check the email with your manager or someone on your IT team. Think the email’s legit? Still verify. Look closely at the domain name, web address and sender’s name to make sure there are no typos or intentional mispellings.
2. If it seems suspicious, it probably is. If your email contains tracking information from a postal service, but you aren’t expecting a shipment, stop. Don’t click the tracking URL because it’s a malicious link disguised as something familiar. Emails containing attachments should also be treated as suspicious. They could contain malicious code.
3. Everyone’s a target – but some roles are easier targets. If you work in human resources, sales or communications it’s likely your name and contact information are listed on the company’s website. If this is the case, you need to be extra vigilant when it comes to practicing good security. Cyberattackers will view you as an easy stepping stone to gain access to senior staff or company information. Be on the lookout for fraudulent emails, always.
4. Think before you share. Here’s a wakeup call for you: Cyberattacks are not random. They are well-researched and usually architected using information you share online. Personal details like where you work, job title, who you’re friends with and what you’re doing, when are all over social media sites. Hackers research these sites to gather intel on unsuspecting victims – this is called social engineering. A victim is born once a cyberattacker finds out where the person works, connections and job function..
5. Don’t be a follower. If you receive an email from a bank or financial institution requesting your credentials, don’t click the link – it could be malicious. Even if the email is branded with what looks like legitimate logos and fonts, it could be a scam. Instead, type in the actual webiste address, verify the secure connection using “HTTPS” then provide your details in a legitimate, secure environment.
Download this free e-book which includes the points above and more. It’s a great way to share this concept with your employees.