In today’s rapidly advancing technology environment, new threats emerge every day which can prove problematic to your business. If you don’t consider yourself “tech savvy,” it can be tempting to throw your hands in the air because you can’t keep up with all the latest threats and how to combat them. The reality is that there are a multitude of easy ways you can make a difference for your personal and organizational security. From time to time, the enVista blog will give you a few easy-to-implement changes that can go a long way in keeping you safe.
Email has become the ubiquitous method of communication between businesses and even among employees in the same office. For this reason, it is essentially important for all employees to practice good habits to keep themselves, and the company, secure.
First, a review of some basic practices that you should already be mindful of regarding your email:
- Use strong passwords
- Don’t click links in spam emails or from unknown users
- Don’t open unsolicited attachments
- Scan for viruses and malware
- Beware of public Wi-Fi
Phishing is an attempt to gather information or unauthorized access through the use of social engineering. Phishing attacks could come in the form of emails or telephone calls. Most of us are familiar with the “Nigerian Prince” style of phishing emails. The type where a person promises a large sum of money if you provide them personal information about yourself or a smaller amount of money up front. Less obvious than the emails asking you for money or information are the emails that provide an attachment or link that is used to install malware on the user’s machine.
“Spear Phishing” is a targeted form of phishing. Spear phishing is directed at a set of targets which allows attackers to develop more sophisticated attacks that are more difficult to succeed. Spear phishing targets are typically users who are more likely to have elevated privileges or access to valuable sensitive information. “Whaling” is a type of spear phishing attack typically directed at top level executives or officials.
It is easy for an email inbox to become cluttered and clogged with spam and promotional offers. It seems like every week something new is requesting an email address that will be used to send out promotional offers. Most of these emails will also have a link included in them to unsubscribe from the offers emails. While it may be tempting to try and unsubscribe from all of the promotional emails and clean up your inbox, this is not the best course of action. If any of the emails that appears to be a promotional email is in fact a phishing attempt that was not blocked by a spam filter, the unsubscribe link could direct you to a site that will install malicious software on your computer. In addition to installing malware on your machine, these links also will not prevent you from receiving emails from this sender in the future.
The best way to address these emails and keep your inbox clean is to create rules in your email client to block these senders to prevent you from receiving emails in the future. If the email is from a vendor that you may want to receive email from, then classify the email as spam, and future emails will be sent to your spam folder where important ones can be retrieved. Dealing with these senders on the email client will help you prevent accidentally downloading malware to your machine and help keep your inbox tidy and efficient.
Above all else, a good rule of thumb is to just use your head! If it smells “phishy,” it probably is! Stay tuned for more enVista blogs on IT security. In the meantime, check out some of enVista’s Technology Security Solutions.