Reader Advisory

Some articles posted in The SlickMaster's Files may contain themes, languages, and content which may neither appropriate nor appealing to certain readers. READER DISCRETION is advised.

Saturday, June 20, 2020

Newsletter: Secure your SMBs: Tips on how to fend off dangerous phishing emails

06/18/2020 06:06:35 PM



Author's Note: As some countries eventually made their adjustments come the new normal as brought by the COVD-19 pandemic, small and medium businesses (SMBs) are warned against the dangers of phishing that make its way through emails.

That being said, the global cybersecurity company Kaspersky has listed some tips on how such scaled business firms would spare themselves from any possible perils of this cyberattack.

Read that more in the press release below:


The COVID-19 pandemic is not totally over, but shelter-in-place orders gradually are. Starting this month, many countries in Southeast Asia are gradually lifting their different forms of lockdown. Some companies are ready to use their well-designed business continuity plans, but those are going to be a very small percentage in the SMB industry. Returning to work post-physical restrictions, SMBs are facing a wide range of challenges including cybersecurity threats.

Based on the latest statistics from Kaspersky, the global cybersecurity company’s Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees in the first three months of 2020. It is a 56% increase compared with the same period last year with just over 500k fraudulent attempts blocked. In terms of per country statistics, all of the six countries in SEA registered an increased number of fraudulent emails blocked by Kaspersky in Q1 2020 as compared with the same period last year.



“It is undeniable and totally understandable that economic recovery and employee health are particularly important for businesses post-lockdown. However, it is essential to not overlook cybersecurity as SMBs gear up to return to business as usual. In the 21st century, phishing attacks are by far one of the most popular forms of cybercrime, which increases in quality and quantity every day. Its danger can range from a simple virus which can be scanned quickly to a multi-million-dollar heist, such as the case of the Central Bank of Bangladesh back in 2016, which was made possible by a targeted phishing email,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“There are some common signs among phishing emails that users should be particularly aware of, such as suspicious attachments or links, poor grammar, spelling errors, unprofessional graphics, unnecessary urgency about verifying your email address or other personal information being asked immediately. Cybercriminals are piggybacking on anything related to COVID-19, too! So to protect organizations from phishing attacks, SMBs should look into securing their email systems and their endpoints as well as empowering their employees about the basic but highly important online habits”, adds Yeo.

To further fend off the risk of phishing attacks, Kaspersky experts suggest the following for SMBs:

Teach your employees about the basics of cybersecurity

For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff should not use their name, birthday, street address, and other personal information.

Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.

Since the human factor plays an important role in this type of threat, Kaspersky has also launched a 20-30 minutes free online course, which tackles how companies can secure their current remote working environment. It is accessible through this link.

Employ a password-change policy to your employees

Passwords protect all computers and other devices. Your IT security policy should cover strong password use; also set up a password-expiration policy to force users to change their passwords every 90 days. Avoid logging in to online banks and similar services via public Wi-Fi networks. Hotspots are convenient, but it’s better to use a mobile connection or wait to get to a secure network than to lose all of the money on your credit card or in your bank account. Open networks can be created by criminals who, among other things, spoof website addresses over the connection and thereby redirect you to a fake page.

Patches, updates, and legitimate software

Cybercriminals also tend to exploit vulnerabilities in software to compromise systems. For this reason, it is essential to set aside a time to run patches and updates that are regularly issued by software companies. SMBs should also use only legitimate software to avoid falling prey to attackers targeting the security loopholes of pirated tools.

Install comprehensive security software across all your devices

You need security on everything - servers, PCs, and other connected devices. Set it up to stay up to date and renew it on time. As emails are key communication platform for SMBs, Kaspersky also offers in SEA six months free licenses for Kaspersky Security for Microsoft Office 365. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others. Interested companies can find out more about this promo via this link.

Author: slickmaster | © 2020 The SlickMaster's Files

No comments:

Post a Comment

Feel free to make a comment as long as it is within the bounds of the issue, and as long as you do it with decency. Thanks!