Do Your Employees Know What To Do If A Scam Email Comes Across Their Computer Screen?
It seems that the phishing nets are still being cast far and wide. And despite attempts by businesses in Las Vegas to keep their employees from falling victim, they still are.
How Is Network Heroes Helping To Prevent Internet Scams From Hurting Companies In Las Vegas?
Our “Hero” Jon Matero, the owner and CEO of Network Heroes, was recently featured on 8 News Now TV where he shared important and relevant information about the recent phishing attacks in Las Vegas. As you’ll see in the video clip we provided, there are a lot of phishing emails circulating that folks are falling for.
In addition, we’ve seen Instagram attacks where people’s accounts are being taken over, and false info and photos are being posted. This is not only embarrassing, but it could also ruin a person’s reputation and credibility.
Check out the 8 News Now TV Interview featuring Jon here.
Why Is Your Business At Risk?
This is all very frightening. Your business data is at risk if just one of your employees clicks on the wrong link in an email.
Phishing emails come in many forms – sometimes from senders pretending to be a bank or online merchant to get information from you, or from a well-known company like Microsoft or Apple alerting you to a problem with your account.
All of these phishing emails have the same goals – to infect your computers with ransomware, steal your data, and hold it for ransom.
You’re Not Alone In This – How Can We Help You Protect Your Business?
Even the U.S. Government is concerned. They recommend you take the following preventive measures to protect your computer networks from falling victim to phishing and ransomware infections.
You can’t do these things on your own. You need the help of IT security specialists and a Network Security Assessment.
Prevention Measures The Federal Government Recommends:
- Implement an awareness and training program. Because end users are targets, employees and individuals should be aware of the threat of ransomware and how it is delivered.
- Enable strong spam filters to prevent phishing emails from reaching the end users and authenticate inbound email using technologies like Sender Policy Framework (SPF), Domain Message Authentication Reporting and Conformance (DMARC), and DomainKeys Identified Mail (DKIM) to prevent email spoofing.
- Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.
- Configure firewalls to block access to known malicious IP addresses.
- Patch operating systems, software, and firmware on devices. Consider using a centralized patch management system.
- Set anti-virus and anti-malware programs to conduct regular scans automatically.
- Manage the use of privileged accounts based on the principle of least privilege: no users should be assigned administrative access unless absolutely needed, and those with a need for administrator accounts should only use them when necessary.
- Configure access controls—including file, directory, and network share permissions— with least privilege in mind. If a user only needs to read specific files, the user should not have access to other files, directories, or shares.
- Disable macro scripts from office files transmitted via email. Consider using Office Viewer software to open Microsoft Office files transmitted via email instead of full office suite applications.
- Implement Software Restriction Policies (SRP) or other controls to prevent programs from executing from common ransomware locations, such as temporary folders supporting popular Internet browsers or compression/decompression programs, including the AppData/LocalAppData folder.
- Consider disabling Remote Desktop Protocol (RDP) if it is not being used.
- Use application whitelisting, which only allows systems to execute programs known and permitted by a security policy.
- Execute operating system environments or specific programs in a virtualized environment.
- Categorize data based on organizational value and implement physical and logical separation of networks and data for different organizational units.
Business Continuity Measures The Federal Government Recommends:
- Back up data regularly. Verify the integrity of those backups and test the restoration process to ensure it is working.
- Conduct an annual penetration test and vulnerability assessment.
- Secure your backups. Ensure backups are not connected permanently to the computers and networks they are backing up. Examples are securing backups in the cloud or physically storing backups offline. Some instances of ransomware have the capability to lock cloud-based backups when systems continuously back up in real time, also known as persistent synchronization. Backups are critical in ransomware recovery and response; if you are infected, a backup may be the best way to recover your critical data.
Something Else To Consider – Dark Web Scanning From Network Heroes
Criminals take the data they steal in phishing and other scams and sell it for profit on the Dark Web. Your business data, account information and more could be there if you’ve been victimized by phishing and ransomware.
Dark Web Scanning scans the Dark Web on a 24/7 basis to ensure your business data is secure. Our Dark Web scan locates the data and gives us a report on what was compromised. Plus, we have a security training course and phishing campaigns that will help teach your employees to be more alert when it comes to opening emails and detecting them as phishing scams.
Final Words From Jon
We do everything online today. This convenience comes with risks. You must be vigilant and not just hope that the people in your business you trust are doing the best they can to protect your business data. Instead, you must help them do this. That’s why Network Heroes exists. Our goal is to make sure you’re prepared for the tricks that cyber thieves use to steal data.
For more information about any of the solutions we mentioned in this article, contact the IT Security Team at Network Heroes.
In the meantime, if you liked this article and Jon’s TV appearance, we have other information you’ll find helpful. Check the News & Info link on our website. Here are some examples of what you’ll find: