Hackers are becoming more sophisticated all the time and are working hard to create ways to infiltrate your business. The myth that having an anti-malware program will protect you is really just a false sense of security. These programs are reactive and update the definition files to match the signatures of new malware in response to new attacks.
Here are a few of the more common ploys hackers use, and how you can stymie their efforts beyond just an anti-malware program.
Email phishing is one of the oldest hacking techniques out there. It”™s been around for a long time, and for good reason ”“ it works.
Criminals send out mass emails that appear to be a genuine email from FedEx, PayPal, a bank, a subscription service or some other institution most people probably have done or will do business with, which immediately instills a level of trustworthiness. The email asks you to verify the account or delivery information by clicking on a special link. Once people click the link and enter their login information, the hackers get in and steal your money.
For every 100,000 people targeted, 400 will fall victim to phishing. With criminals targeting tens of millions of people every year, it”™s easy to see why it”™s a compelling and lucrative criminal activity.
Spinning off from traditional phishing, there has been a significant rise in personal phishing. This technique involves the hacker contacting a target and telling them they have been the victim of an attack. The criminal offers to help them and stop any further theft, asking them for the confidential information they are saying has been stolen (for example, Social Security numbers or bank information).
Something as simple as regular, ongoing training about these types of attacks goes a long way toward preventing the attacks. In fact, it”™s the single best method for keeping employees from unintentionally giving out information that could put your business network at risk.
Following up with regular reminders to be on the lookout for suspicious emails with attachments, pop-ups asking for personal information or criminals posing as the authorities helps to reinforce the effectiveness of this education.
Another way to avoid hacking is by implementing a good password policy.  Despite the warnings, password hacking is still one of the top ways criminals gain control of your network and steal data. Most of the time, they take advantage of the fact that people are still using simple passwords or have never changed the original password that came with the device. This is especially risky since websites exist that provide default usernames and passwords for almost every modem or router ever made, so with simple trial and error a motivated hacker can gain access to your network, your company data and anything else that is on your network.
Changing all of the default passwords before you put new equipment or software to work on your network, enacting a password policy that requires regular changing and the use of letters, numbers and special characters, and training your team about the need for strong passwords are the least expensive and best methods for securing your network.
For extra security, using a cloud-based data protection system to supplement the strong password policy is a great dual line of defense. These are typically subscription-based services that can provide you with worry-free cybersecurity protection for an affordable monthly price.
Additionally, for a small monthly fee you can also add an email filtering service that will check every incoming email against a list of known attackers and then block any coming from those addresses before they get to you.
A final word of caution: everybody loves to get free stuff. But if you”™re a business owner, downloading free software is never a good idea.
There are programmers who write freeware or shareware. Not all of them have malicious intent ”“ in fact, the large majority don”™t ”“ but there are those who do and they write ransomware programs like Cryptolocker or embed viruses like Sasser in freeware and shareware. These programs cost American businesses hundreds of millions of dollars a year in real dollars and productivity loss.
Even the non-criminal programmers don”™t have quality assurance departments to test their software to make sure it won”™t delete data or corrupt systems. Unless you can be certain that the freeware or shareware is absolutely safe, it”™s best to spend the money because sometimes free costs a lot more.
Al Alper is CEO and Founder of Absolute Logic, a technical support and technology consulting  company in Wilton for businesses of up to 250 employees, and a national speaker on IT and security issues. He can be contacted at al.alper@absolutelogic.com or 203-936-6680.Â
