Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Seven steps to avoid being 'phished'

214 views

Published on

An international hacker was recently found to have more than 10,000 stolen debit and credit card numbers. So, clearly, phishing – the practice of tricking someone into giving bank or credit card information – is rife and plenty of people are falling for it.

Many businesses issue staff with credit cards to pay for work expenses. But don’t assume everyone who works in your small business is too smart to be taken in by the corrupt come-on of some creep who slips past your email filters. Phishing messages can be slyly convincing.

The website that a phisher’s email links to will have an address (URL) that is similar to but not the same as a real bank's or financial institution’s site. For instance, if the real site is at 'www.yourbank.com.au', the scammer may use an address like 'www.yourbank.com.au.log107.biz'. The fake site may be stamped with logos indistinguishable from those on the real site.

Here are seven tips to help counter the slippery threat of phishing with protection, detection and correction.

Published in: Technology
  • Great blog you have here but I was wondering if you knew of any community forums that cover the same topics discussed here? I’d really like to be a part of online community where I can get advice from other experienced people that share the same interest. If you have any suggestions, please let me know. Thanks a lot!
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • This blog is very nice.I really like such a fantastic written blog.I will keep coming here again and again.Visit my link as well.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Seven steps to avoid being 'phished'

  1. 1. Seven steps to avoid being phishedAn international hacker was recently found to have more than 10,000stolen debit and credit card numbers. So, clearly, phishing – the practiceof tricking someone into giving bank or credit card information – is rifeand plenty of people are falling for it.Many businesses issue staff with credit cards to pay for work expenses.But don‟t assume everyone who works in your small business is too smartto be taken in by the corrupt come-on of some creep who slips past youremail filters. Phishing messages can be slyly convincing.The website that a phisher‟s email links to will have an address (URL) thatis similar to but not the same as a real banks or financial institution‟ssite. For instance, if the real site is at www.yourbank.com.au, thescammer may use an address like www.yourbank.com.au.log107.biz.The fake site may be stamped with logos indistinguishable from those onthe real site.Here are seven tips to help counter the slippery threat of phishing withprotection, detection and correction.
  2. 2. 1. Use anti-phishing staff training programs One way to prevent the potential financial harm that can be inflicted by phishing attacks is to train your staff to understand phishers‟ manipulative „head hacking‟ antics. Software training programs include PhishGuru and PhishMe, which is a phishing simulator that boosts awareness of the sophisticated tactics used by hackers looking to compromise your firm‟s data and systems. 2. Take a cross-platform stance You need to raise your game as criminals grow smarter, says the cyber safety expert for the security firm Trend Micro, Aman Chand. Attend to all the internet-connected gadgets your business has because you need multi-device protection, Chand says. Besides Trend Micro, McAfee, Symantec and Webroot can offer protection for all your devices.
  3. 3. 3. Remember your mobileEnsure your staff do not leave mobiles unguarded, Chand says. Justlocking up a mobile with a password will no longer do. Mobile devicesneed proper security software, which is available from all the bigantivirus firms, from Trend Micro to Avast!, McAfee and Norton.Mobile is the new frontier for cybercriminals, according to Chand. In2012, Trend Micro research showed cybercriminals were increasinglytargeting mobiles with phishing attacks. Chand highlights the plightof the popular mobile platform Android. During its first three yearsAndroid has faced the same number of global threats it took thepersonal computer platform 14 years to rack up.
  4. 4. 4. Shun that attachment Three quarters of all spam attachments are malicious, according to Trend Micro research. Make sure your staff understand that if they have doubts about an attachment they should not open it, because it could be the gateway to your system a hacker seeks. Carelessly click an attachment and if you are unlucky the business may be deluged with spam. Worst case: your computers could become an open book to a shyster intent on stealing your business‟s information.
  5. 5. 5. Run scanners According to a security advisor for AVG Technologies AU, Michael McKinnon, while old-school phishing attacks take credentials under false pretences, others just infect your computers by exploiting any detected vulnerabilities – lapses like out-of-date or non-existent anti-hacker software. Prevent infection, McKinnon advises, by running an anti-virus scanner on all your computers. Vitally, it will ensure that any known malware is detected before a rogue program executes and takes hold of the computer. Another tool, link-scanning software, gauges web pages‟ content before they are opened, checking if they have been compromised. If so, the software blocks the shady pages, which may carry code designed to exploit the machine.
  6. 6. 6. Build an arsenal Be thorough – combine multiple layers of anti-virus and anti- spam technologies that are always turned on and updating automatically. Your business‟s defensive arsenal should include a firewall, anti-virus detection and anti-spam capabilities. Besides AVG, popular and powerful defence brands include Avira, Kaspersky, Ad-Aware and Spybot. Together, your defences will shield your business from harm by addressing different and sometimes overlapping areas of concern. Consider upgrading your hardware if your business has clunky computers that cannot run all the safety mechanisms. McKinnon says: “Don‟t forsake your own security just so you can squeeze the last drops from your old computer.”
  7. 7. 7. Change your passwords Change login details as soon as a phishing attack occurs. Make sure all staff use complicated passwords. Passwords should be strong, long and secure. Have a policy so that staff use a mix of uppercase and lowercase letters, symbols and numbers. If you follow these steps, you should reduce the risk of your business being phished or minimise any damage. The effort has to be worth it because phishing is a nasty, devious crime. Besides draining your business of valuable cash, it will leave you feeling foolish and violated. If you relax and just hope it doesn‟t happen to you, it may well be just a matter of time before someone in your company is suckered.

×