It’s getting ugly out there. In the last four weeks, I’ve seen more successful “hacking” attacks within the promotional products industry than ever before. I am confident the attacks are 3 to 4 times more prevalent than they were just several months ago. This is creating havoc for everyone from suppliers to our buyers.
The most prevalent form of attack lately is coming from malicious emails. These emails usually have an attachment asking you to click a link within the attachment. Some of the attachments are capable of doing bad things just when you open the attachment. The hackers are smart, as they name the attachment things like “PO” and other titles to make you want to open the document. Once opened, the attachment can take over your email and begin to send the bad document to everyone in your email address book. In addition, the attack begins to harvest your address book for future attacks.
It’s getting dangerous out there, and it is time you make security a bigger priority. The cost of lost files is high, but in addition to losing files, you risk losing clients who are exposed to a threat because of you. We must be vigilant and ensure we are protecting our clients, which starts with protecting ourselves.
There are many ways to protect yourself, but there are four very common and critical things you can take action on now:
1. Ensure you have trustworthy and always up to date antivirus.
I highly recommend Sophos for both business and home. The business price is reasonable and includes up to 10 computers for home users.
2. Ensure your operating system and applications are patched.
Most readers have auto-update turned on for your operating system, but take a moment to be sure by following these instructions. What most people do not do is keep the rest of their applications patched. If you are on a managed device, your network team should be doing it for you. For your home or home office computers, consider using a free tool like Patch My PC, which will help keep your software patched. On a related note, if possible, remove JAVA as well as FLASH as both are security nightmares.
3. Do not click suspicious links or open suspicious emails.
This is currently the most common exploit being used in our industry. Given the amount of email, we are all prone to click things when busy, and the criminals are counting on that. You (and me, and all users) are the weakest link in cybersecurity. Before clicking link, move your mouse over the link and carefully look to see if the web address is what it should be. Hackers prey on the ability to post a link that says one thing but take you to another place. When you click something that is malicious, they can begin taking action the moment you click it. You might be lucky and get a warning on your computer asking for admin privileges. If you get a warning, do not give privileges. If you are taken to a site to enter your information, see the next tip.
4. Do not give out information unless you are 100 percent sure you trust the person/site you are giving it to.
Once you give your password and email to a third party, you can be completely locked out of your own email. Do not ever give your password to a third party that you are not 100 percent confident in.
