blog | zinner & co.

5 Steps to Avoid Phishing Attacks

Written by Zinner & Co. | Sep 3, 2019 10:37:39 AM

 

There's a threat called Phishing and it can put your entire organization at risk. Phishing, a technique malefactors use to steal sensitive information such as user names and passwords, is a growing segment of crime.

Phishing typically involves the use of an authentic-looking email or website that prompts you to enter sensitive data that can be used to hack or hijack your business's systems. Phishing techniques are becoming increasingly sophisticated and more difficult to spot and prevent. But there are a few things you can do to decrease the odds of your organization falling prey to phishing attacks:

  1. Use virus and malware software (and keep them up-to-date) – To protect your organization, you should be running virus protection on every device that uses your network. Every machine should be set to perform automatic updates. While no system will prevent every threat, most modern security suites catch the vast majority of threats.

  2. Policies and practices – Your organization should have strict policies related to the use of company computers. These policies should include:
    1. No use of unapproved hardware or software on the network.
    2. No use of thumb drives or unapproved external storage devices
    3. Limit the use of private personal email on company computers
    4. No opening emails from unknown individuals or organization
    5. Only open attachments after they have been scanned for viruses

  3. Keep your operating systems and browsers updated – Keeping your software up-to-date offers an additional layer of protection against phishing attacks and viruses. Use automatic updates to ensure these systems are always current.

  4. Check your online accounts regularly – One of the best lines of defense is vigilance. If you notice irregularities in any of your online accounts, immediately reset password.

  5. Implement 2-Factor Authentication – Many IT companies now offer (or in some cases require) 2-factor authentication. That's where a new logon requires a  call, text or email of a code to complete or authenticate a login. This extra step makes it much more difficult for hackers and phishing bandits to successfully use your credentials, even if they do manage to capture them.

Phishing is an undeniable threat companies and even entire cities have been brought to their knees by phishing attacks. In the past, common sense was all you needed to stay safe, but as threats have evolved, greater care and vigilance must be used. If you have been the victim of identify theft through fishing, contact us and ask about our identify theft solutions.