You must all be aware by now that there are cybercriminals lurking behind every computer connection, waiting to separate your business from its money. If you aren’t, you should have come to our Cyber Security Chamber webinar (Slides HERE) You can also learn plenty by checking out our blog posts HERE
When it comes to phishing emails, do you reckon you are savvy enough to resist the bait?
Can you trust your team to avoid clicking on a link and serving up their password on a platter to the hacker?
Do you still believe that you are just a minnow so the criminals couldn’t possibly be interested in your company?
Well, here’s a cautionary tale for you. This happened this month.
A solicitor we know was happily going about his business when he was informed that he had been sending out fax download emails to all his contacts. It turned out that he had put in his password onto a phishing email to get access to a fax message, and the hackers duly sent out thousands of emails from his account. He was completely oblivious of this, as the hackers set up email rules hiding any responses in his archive folder.
In fact, he only found out that this was happening when the recipients forwarded the email to other staff at the practice and picked up the phone to check if he had meant to send the email.
Is this a problem?
Well, the hacker had access to his client data and could use the passwords to access other accounts if he reused the same one on several sites. He also gifted thousands of new targets for a phishing attack when he granted access to his account.
Not good for his reputation either. If customer data has been compromised, you need to report the attack to the ICO (Information Commissioner’s Office). If your clients see you sending out dodgy emails (due to being hacked), will they lose confidence in your company? Can they trust you with their personal data?
Get Computer Troubleshooters to beef up your email security today.
To slow down the cyber criminals, you should consider taking steps:
- Make your passwords complex and unique. Use a password manager. We use Dashlane, but there are several good options on the market.
- Introduce Multi Factor Authentication (MFA). That way, even if the password is revealed, the hacker cannot log in.
- Train your staff. Ask us for our security awareness training recommendations. The best ones include phishing tests to check that your team have taken the lessons on board.
- Get your team to watch these free security awareness videos.
If you think you may have been hacked, call us NOW – 01732 300064. Taking swift action limits the damage.
If you are ready to improve your email setup, please get in touch. Those phishing baits won’t be looking so tasty anymore!