Security Awareness doesn’t have to be Difficult

In the ever-changing landscape of cybersecurity, it may seem like a daunting task to keep you and your network safe from intrusion.  In addition to maintaining your cyber security infrastructure with the best tools and information available, there are a few simple rules you can follow that can help protect your network.  We’ve put together 6 simple rules that we feel everyone should live by, both at work and at home, when it comes to being online.

  1. Be suspicious of any email or communication from a familiar brand or organization that asks you to click on a link or open an attached document.
    As we have mentioned in our blog on fraudulent websites, this time of year is filled with black Friday deals, discounts and coupons for holiday shopping.  Criminals know this as well, and will attempt to fill your inbox with fraudulent emails claiming to be legitimate brands and organizations.  These emails then link back to fraudulent websites or downloads that will either attempt to steal your information, your money or both. Be on the lookout for deals that look too good to be true or emails from retail companies you don’t remember signing up for.
  2. Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.

    What’s one of the easiest ways to spot a fraudulent email? Spelling and grammatical errors, or an email address that looks from someone and is close to the original, but not quite. While everyone makes mistakes, seeing glaring spelling mistakes, especially in the company name, or getting an email from your luddite aunt with a new email address should raise an eyebrow.  Likewise, if an email says it’s from “Amazon” but the domain says “AAmazoon” chances are the email is fake and malicious.

  3. Be cautious with files received via email from unknown senders, especially if the sender asks for a certain action you would not usually do.

    It’s the end of the year, which means we have four hundred tasks to do, and that’s even before we get into holiday shopping. Which means, we may not have time to truly vet an email. Criminals will use this to their advantage, through a tactic called spear-phishing.  Spear-phishing is where a criminal pretends to be a legitimate contact (family, friend, client, coworker) and will ask you to either download a file or more typically, attempt to get you to send them money or gift cards. This will get you to fall victim to their scheme, they’ll make it sound urgent so you’ll act without thinking about it.

    Take a second and think about the person sending you that email.  Does your aunt EVER ask you for an amazon gift card?  Would your friend really send you a random email when they always text?  Why is that client emailing you an invoice for something yet received?  When in doubt give the email sender a call to verify anything before acting. A quick discussion that you might not have time for now could save you hours of frustration that you definitely don’t have time for later.

  4. Don’t click on promotional links in emails, and instead, Google the vendor and click the link from the Google results page.
    We all get them, those promotional emails we receive because we visited a website ONCE and yet, despite never needing to go back we continue to get notified of the sales and deals going on. As the holidays approach, special deals either on Cyber Monday and Black Friday, or for weeks on end after, our inboxes will fill with more junk than we know what to do with, outside of just hitting delete.

    Scammers know this and will hopefully slip one or more fake emails into your inbox. Using the same tactics as we discussed above, they will hopefully get you to click on their link and not a legitimate one. Don’t fall for it!  When in doubt, pull up a browser and search for the company in question.  If the sale is legitimate, they will have an ad listed there for you on their main page.

  5. Beware of “special” offers that don’t appear to be reliable or trustworthy purchase opportunities.

    “William Sonoma is offering 90% off their cookware, click here now”, “Click here to get a $100 gift card to Under Armor”, “Click on this link to be eligible for a $500 Amazon shopping spree” All of this sounds great right?  It’s the holiday season who wouldn’t want some of these deals but WAIT! If the email offer looks too good to be true chances are IT IS.

    Always do some research and when in doubt pay a little bit more attention.  At worst you won’t get stuck with a knock off that will break in a month, at best you could save yourself a ton of hassle after being hacked.

  6. Don’t reuse passwords between different applications and accounts.

    By now you are much like the rest of us, you feel like you have more passwords than you know what to do with and you probably have forgotten most of them anyways. So, it would be much easier if you just used one password for ALL the times you need it right?

    Utilizing the same password for one account ups the risk of a hacked system in one place, making all your accounts compromised. As we mentioned in our password blog, from a few months ago <here>, good password hygiene is important in reducing the possibility of being hacked.  Passwords, at a minimum, should be at least 10 characters long and contain numbers, letters, and special characters.

How can Summit Help? 

While these tips and tricks are for you to tackle, there are still other things you can do to better protect yourself.  Tools like DarkWeb monitoring, password vaults, and email filtering, are all products that we offer that can add an extra layer of security to your digital presence.  If you are interested in learning more about these or other products we have to offer, give us a call directly, or click on the contact now button and schedule a quick call with a member of our team


On Key

Related Posts

Takeaways from the CMMC Rule Publication

The Department of Defense’s CMMC program has taken a giant step ahead with the publication of the CMMC Proposed Rule on December 26th in the Federal Register . This begins