When it comes to Cyber-attacks, your business’s biggest vulnerability is your employees. In this blog we will be talking about the consequences of poor cyber security knowledge, and some different ways hackers fool your employees.
- Phishing emails
Phishing emails are the most popular and successful way of breaching a businesses network.
What is a phishing email?
A phishing email is a fraudulent email that’s goal is to trick the target into giving personal or sensitive information. This information is then used for malicious purposes including:
Passwords to hack into a company’s network; bank details to steal money; personal information for identity fraud.
A typical phishing email may claim to be your bank or an online shop and ask you to input your login credentials.
An intelligent one often used on businesses involves claiming to be the Managing Director or someone from a management position by using a similar email address. The email is usually sent to the finance department and asks them to make an urgent transfer to an account to “secure a new large business deal”.
Consequences of not knowing how to identify a phishing email include:
– A breach into your business’s network, which can result in data being stolen. This is also very bad for GDPR, and can result in a large fine.
– Theft on your business
-
Tagging Along
Never download an unauthentic product online. The product may have malicious content “tagging along” in the download which can be used to infect your PC and monitor it for sensitive information. Ways of identifying if a product is unauthentic includes:
- The download being free, when it should normally cost
- The website does not have an SSL certificate.
- You found out about it from an untrustworthy source
You should confer with your IT department if you are ever unsure if a product is illegitimate.
Consequences of downloading unauthentic products include:
- Infecting your PC or network with malware
-
Facebook Identity Theft
Facebook is a hacker’s best friend. There is wealth of personal information about yourself and others on the social media platform. Cyber Criminals can create a fake account of your friend or colleague, use their images, and add all the same people that they have.
If you receive a friend request but are confused because you thought you were already friends with them, think twice before accepting.
If this technique works and you accept it, they can send you a message with a link to malicious content in it. Once your infected, they will have breached your PC or network.
Consequences of accepting fake friend requests include:
- Being tricked into clicking on a link which could infect your PC or network
- Being tricked into transferring money to cyber criminals
- The Dropped Drive Technique
A study from 2016 has found that almost half the people who find and pick up a random USB stick plug it into their PC’s. Hackers may purposely leave memory sticks with malware on them around your offices in the hope that someone will get curious and put it into their computer to see what’s on it.
Consequences of plugging in a random memory stick into your PC include:
- Infecting your PC or network with malware
Did you know 88% of employees have no clue about their organisation’s IT security policies?
As you can see, educating your staff on the various methods of cyber criminals is very important to ensure the protection of your business. If you would like to find out more about cyber-crime or cyber security within your business, speak to our experts today on 01273 806211 or hello@ingeniotech.co.uk