Apr06

6 steps to help you defend against the latest phishing tactics.

Categories // Digital Technology Centre

With cyber thieves getting smarter and more familiar with security systems, it is becoming increasingly important to train staff to be aware of the pitfalls. Always keep an eye out for suspicious activity, as phishing alone costs large businesses on average £2.8 million per year. Here are 6 simple steps to stop you falling for scams.

1. Train your employees to recognise scams.

With companies receiving multiple phishing attempts every day, employees should direct all emails that seem random to a single designated person who checks all of them. All emails that seem random, suspicious or uncharacteristic, or that contain any links that were not expected, are possible phishing attacks. It’s important to embrace even the false alarms, to encourage employees to keep questioning suspicious attempts in the future.

2. Use two-step verification.

One way to protect things such as your business accounts is to use two-step verification (or a two-factor authenticator). You sign in with a password, and then a code is sent to your phone to verify the login attempt. Turning on two-step verification adds an additional layer of security.

3. Have regular security health checks.

You should regularly undertake both internal and external testing of your systems. This will highlight any weaknesses that exist in your network or reassure you that currently all is well. Reviewing the latest security issues will help you keep everyone up to speed with the latest cyber threats.

4. Continually update your software.

Training is always going to be essential when it comes to defending against the risk of phishing attacks, but businesses can’t just rely on every employee doing the right thing whenever faced with a sophisticated phishing email. The majority of phishing attacks attempt to exploit vulnerabilities in software, and these vulnerabilities are normally resolved in the most recent version updates. Keeping all software up to date is one of the most effective ways to combat phishing attacks.

5. Never click links within emails.

Phishing attacks pretty much always depend on someone making a mistake, e.g. clicking on a fake link. Make sure everyone in your business is educated on this issue. Make a simple rule: never click on links, especially from what appear to be financial institutions. If there is even a one per cent chance that a link is fake, it’s better to be safe than sorry and type the URL into your browser.

6. Use different passwords.

With so many online tools and platforms to use for your business, it’s hard to keep track of all the different passwords you have set. That’s why many people try to keep it simple (e.g. using “password” as the password) or just set the same password for all the platforms they use. This is a huge mistake! There are a lot of great login tools available that can save your company from a phishing attack. Login tools and password generators really help to keep your passwords safe and secure.


What next?
Most surveys suggest that it is people that are the weakest link in keeping the fraudsters at bay. It is therefore very important to ensure that your employees are up to date with the latest scams through regular training and updates. After all, if you are an SME, losing out to fraud can put your business at risk. Following the simple steps above can make it much harder for your business to come under attack and will help to keep it safe.
