by Taras Zeles, IT Department Manager at Vector Software
Security awareness of employees plays a key role in saving company information. Equipping employees with the necessary knowledge and skills to navigate the online sphere safely ensures that organizations safeguard their data, thereby fortifying their defenses against cyber threats.
In the absence of a robust cybersecurity framework, organizations remain vulnerable to data breach attempts, making them an attractive target for cybercriminals.
Phishing attacks frequently result in severe consequences such as identity theft, fraudulent use of credit cards, ransomware infiltration, data breaches, and substantial financial losses for both individuals and corporations.
When aiming to disseminate malware or extract personal data, individuals may employ deceptive emails containing enticing “bait,” distributed broadly to deceive recipients by masquerading as a trustworthy company, service, or individual. To stay safe, it’s best to avoid clicking on email links. Instead, directly access the website by typing its URL, using a bookmarked link, or conducting an independent search for the organization.
Spam refers to irrelevant or unsolicited messages sent across the internet, often to multiple recipients, for advertising, phishing, or spreading malware. Using a technology-based spam blocker is essential to manage these messages.
Never click, open, or respond to messages that appear to be spam or originate from untrusted or unknown sources.
Some companies profit by selling email addresses to spammers or marketing firms. Just as you wouldn’t freely give out your home address, the same caution should apply to your email. When sharing your email on classified ads or public websites, consider using a separate email distinct from your primary one to shield your main inbox from resulting spam.
Example of phishing emails:
What can be phishing:
Recommendations for spam protection:
If the website you are on uses HTTPS, it is seen in the web address bar (displaying a lock icon). Clicking on the lock in the address bar will give you more information about the security of that site.
Example of a lock icon:
It means that any information you submit is encrypted and will securely reach the intended website, and is unable to be intercepted and deciphered along the way by cybercriminals.
Even though a page is secured by HTTPS, it does not automatically mean the page is safe. It ensures that the information you send gets to the receiving website securely, but if the receiving site isn’t reputable, they could use it maliciously.
Recommendations:
Public Wi-Fi, in general, is very insecure. You should treat every single public Wi-Fi connection as compromised or unsafe because all of that data can be intercepted by someone else in this network.
Recommendations for using public Wi-Fi are:
Despite a website’s credibility, displayed advertisements could potentially infect your computer or mobile device with malicious content. Hence, it’s crucial to remain cautious not only about websites but also about the advertisements they display.
Moreover, free items such as music, movies, game cheats, and similar content are frequently loaded with malware and often do not match their descriptions. Engaging in piracy is not only illegal, but also exposes individuals to malicious actors who specifically target those seeking free content.
Recommendations for search engine safety:
Typically, users are very honest when it comes to security questions. Especially about details like their mother’s maiden name or pet’s name. This becomes a significant concern, particularly when people have social media accounts. It’s advisable not to provide truthful answers to these questions, because given information can be found on the internet.
It’s common practice to use identical passwords across multiple websites, which can become a gateway to potential identity theft. Once unauthorized individuals gain access to your passwords, they have the power to significantly disrupt your life by altering them, sending unauthorized emails, and accessing accounts that you wish to keep private.
Most people use weak and repetitive passwords across various websites. The best solution here is a password manager. While web browsers like Chrome, Firefox, and Internet Explorer have their own built-in password managers, these options can’t match the security of dedicated ones. Browser-based managers like Chrome and Internet Explorer store passwords on your computer in an unencrypted form, risking exposure to anyone who accesses your computer files unless your hard drive is encrypted.
Password managers offer encrypted password storage, assist in generating secure, random passwords, provide a more robust interface, and enable convenient access to passwords across multiple devices. With a dedicated manager, you only need to remember the master password.
Use two-factor authentication to safeguard against weak or compromised passwords. Prefer mobile apps or push authentication for enhanced security over SMS or text messages, as SMS relies on your cellular service. Although rare, if an attacker gains access to your phone, they could bypass your password or fingerprint by transferring the SIM card to another device and receive one-time passwords, compromising the security of your accounts.
Recommendations for password safety:
by Taras Zeles, IT Department Manager at Vector Software Security awareness of employees plays a key role in saving company information. Equipping employees with the necessary knowledge and skills to navigate the online sphere safely ensures that organizations safeguard their data, thereby fortifying their defenses against cyber threats. In the absence of a robust cybersecurity […]
https://itcluster.lviv.ua/wp-content/uploads/2024/05/vector_stattya-2.png