According to Verizon Data Breach Investigations Report (DBIR) 2019, 94% of malware was delivered via email, so yes, phishing is a big deal. Other tips to spot a phishing email are:
1) Watch out for suspicious attachments. All emails with attachments should be treated with caution especially if they have an unfamiliar extension (.exe, .html, .zip, etc.)
2) Fake Reply-to address. Some phishing emails have a fictitious reply-to address, instead of “microsoft.com”, it may be “rnicrosoft.com” or “microsoft.something.com”. Note that it is very easy to fake a reply-to address.
Further, if you work in accounting or payments in your office, then you should beware of these subject lines as they are the top five subject lines for business email compromise (BEC) attacks:
1) Urgent 2) Request 3) Important 4) Payment 5) Attention
Finally, here are a few tips to stay safe from phishing:
1) Don’t click links you didn’t ask for. For example, if you’re expecting an email from a co-worker with a link to a service then that’s okay. Any email with a link you’re not expecting should be treated with caution. If you need to click the link, right-click and copy and paste it on the website below:
Small businesses are not a target of cybercriminals – Myth or Truth?
You may not be interested in cybercriminals but they are very interested in you and your business.
This is because most small businesses present less of a challenge due to poor security measures and a false belief that the resources and information they store is of little interest to anyone.
If this is your mindset as a business owner, then be wary. Know that whatever data you have can be sold on the dark net or your devices can be rented out for botnet attacks or used to promote other scams.
Start practicing safe cyber hygiene, don’t be a victim!
Only the IT department is responsible for Cybersecurity– Myth or Truth?
The fact is Cybersecurity is a shared responsibility. Just as an organization requires all hands to be on deck to achieve its objectives, likewise, the efforts needed to keep an organization safe goes beyond any individual department.
Every staff in a company has a role to play as it concerns cybersecurity and safeguarding the organizations’ digital assets.
A Strong Password is enough to save you from getting hacked – Myth of Truth?
Having a strong password is good and necessary, but it doesn’t provide absolute security.
This is because you’re not the sole protector of your passwords, you share that responsibility with those sites providing you a service. If they get hacked, then the bad guys can obtain your password.
Also, the problem with using a password for verifying the identity of a user is that it doesn’t prove the person logging in is that particular user, all it proves is that the person knows the password. To improve the process, there is a need for an added means of verification.
What is called Two-Factor Authentication(Multi-Factor Authentication) helps with the issues highlighted above by providing an added means of verification.
So don’t delay, turn on Two-Factor Authentication for your email and other sensitive services. Yes, imputing an authentication code or swiping your fingerprint will make logging in a little bit longer but this cannot be compared with the immense inconvenience of losing control of your account.
Cybersecurity does not concern small businesses – Myth vs Truth?
Cybersecurity is all about protecting systems and networks from digital attacks. No matter your business or profession, as long as you use technology, you should be concerned about cybersecurity.
This is because there are people called cybercriminals whose sole aim is to attack you. They are out to make as much money as possible and will use any means available to them, and unfortunately, there are a lot of ways they can make money off you.
For example, they can hack your devices and rent them out to be used in a botnet. Your email address and other contacts stored on your email can be sold to spammers. Your social media accounts could be used to defraud your friends, family, acquaintances, and used to promote other scams. Sensitive information obtained can be used to blackmail you or break into your financial accounts.
Cybercriminals keep getting creative about ways to use information obtained from their targets to make money, hence you should be very concerned about cybersecurity
A Free Antivirus solution provides sufficient protection – Myth or Truth?
Earlier this year news started making the rounds of a free antivirus that was selling its users browsing data. Aside from having your data sold to marketers, the main issue with free antivirus is that they measure up to their paid counterparts. Take a moment and consider this, most free antivirus has a paid counterpart. Why would antivirus makers do this if the free version provided equally good protection?
The fact is a paid antivirus software comes with a broad range of features as opposed to a free antivirus solution. Some paid antivirus software comes bundled with Anti-phishing, VPN, Anti-ransomware, password managers, etc.
Knowing this, people try to get around this by using cracked versions of these paid antivirus solutions. But this is dangerous as cracked software might contain backdoors (hidden code that can give unauthorized access) that can expose devices to malware.
While using a paid antivirus software cannot protect you from every threat that is out there, it is an important part of a defense in depth strategy.
Pirated Software Can Help You Save Money – Myth or Truth?
As a business, there is an ever-present temptation to use pirated software as a means of reducing costs.
But this consideration is shortsighted because using pirated software can actually exponentially raise costs overall.
This is because such pirated software can come embedded with malware, while others require the user to visit certain websites to download activation keys where such malicious websites then install malware onto the user’s computer.
The time and money spent removing malware, plus the loss of confidential data or reputational damage incurred using such pirated software far exceeds the cost of buying a genuine product.
Rather than using pirated software, open-source software offers an alternative when facing the cost question. The bottom line is, use an open-source alternative if you can’t afford the cost of a particular software.
There is no need to pay for expensive Cybersecurity solutions – Myth or Truth?
There is no such thing as 100% security, and since the threat landscape is continually evolving, why pay so much for Cybersecurity solutions?
While no Cybersecurity software or solution can provide 100% security, they can provide adequate protection. Remember, Cybercriminals will go first for the low-hanging fruits (easier targets), and implementing a Cybersecurity solution can save you and your business from being an easy target.
Also, you must consider the cost of implementing a Cybersecurity solution versus the cost of suffering a cyber attack. The cost of fixing a cyber attack can be quite high depending on your industry and then there are other indirect costs to consider such as lawsuits from customers, fines for compliance violations, customer refunds, lost sales opportunities. etc. These costs could be higher if a business or organization is forced to shut down its day to day operations due to a cyber attack.
Finally, a cybersecurity solution cannot be ruled out because of cost without a reference to the overall risk strategy of the business or organization. As the level of perceived risk increases, so will the level of cost that needs to be invested. Overall, good things don’t come easy as such you can’t expect a good Cybersecurity solution to be cheap or cost nothing.
Email and Social media the two most used digital resources, almost everyone has an email or social media account. Given their almost universal nature and importance, cybercriminals are always on the lookout for ways to infiltrate them.
To keep your email safe you should:
1) Keep an eye on your account activity info by checking security notification 2) If you get an email that you’re sure is spam, don’t open it, don’t try to “unsubscribe,” unless you’re sure the sender is reputable. Simply mark the email as spam.
To keep your social media accounts safe you should:
1) Don’t give out personal info 2) Limit who can see your posts 3) Periodically check your privacy settings and update accordingly 4) Search for and delete old posts containing sensitive information
According to Google’s Transparency Report, 1.4 million websites made its list of “Sites Deemed Dangerous by Safe Browsing” category, as of February 24, 2019.
Surfing to these dangerous sites could could result in your personal or financial information being stolen or your device becoming infected with malware.
Below are a few tips to help you identify fake website:
1) Look up the domain age By checking the age of a domain, you cam tell how long that website has been in existence. This can aid spot fraudulent websites because such are usually new. You can check for the age of a website at https://whois.domaintools.com/
2) Run a Scan If you’re suspicious of a website, there are several free resources on the internet that allow you to do a quick scan for malware, phishing, and known scam websites. Here are a few below:
If you’re on a business website, then it should surely have a link to a page that states the terms and conditions of purchasing services and products. If this is unfavorable, obscured, or missing, then the site should not be trusted.
Internet access has become ubiquitous in Nigeria. As of June 2019, figures from Statista showed that Nigeria had 123.49 million internet users. Out of this figure, 74 percent of web traffic was generated via smartphones, and only 24 percent via PC devices. This state of affairs was brought about due to the availability of cheap android phones which resulted in more people including seniors going online.
Today, it is common to see seniors having Facebook and/or WhatsApp accounts to communicate and stay in touch with family members and friends. Also, many open personal email addresses to send messages and sign-up for services. However, this good indulgence has put many of them at risk as they may be taken advantage of because of their limited knowledge about technology. Hence, the first episode in our Cybersecurity Awareness Month Webinar series seeks to explore the ways malicious actors are targeting seniors for cyber fraud using social engineering and ways they can be protected.
This event is a free, don’t miss it, Click the button below to book your spot.