Scammers don’t just target big companies. In the press you hear all the big numbers from big events – WannaCry – 250,000 computers globally and parts of the UK’s NHS, HBO’s Game of Hacks – HBO lost data and new releases, NotPetya – Maersk was one of the biggest headlines, Facebook and Google fall for Targeted $100 million Phishing attack, THE Equifax Breach, 3,000,000,000 Yahoo’s and this is just a few from 2017.
Behind these large headline grabbing events are the many micro and small businesses that are also being attacked. Its not true that hackers only go after large businesses. Scammers and Hackers throw a wide net and small businesses are falling into their traps.
For small business security is often not a high priority and many companies don’t have the skills. For this reason they are often caught up in the scams and attacks and are vulnerable to loosing data, suffering financial loss or worse reputational damage.
Most cyber-attacks start with phishing, this is a technique where a hacker will try to trick you into giving away sensitive information that will allow them to break into your accounts.
Phishing attacks usually come via email, often disguised as something legitimate – the use of the Tax office is a common attack or, recently, mass attack where hackers sent out fake Uber receipts, with a link at the bottom to a bogus complaints website. These emails looked genuine, the hacker is trying to get you to click on something and when you do….. you give the hackers access to your system.
So how can you tell the fake emails from the real ones? The first thing is to be aware, know that it can happen to you and your company. It can be tricky to see, but these are the top tips.
- Don’t click links blindly – think before you click. Use your mouse to hover over the link, this will show you the URL. If that doesn’t match up to the URL you’re expecting, then delete the email.
- Treat emails with attachments with suspicion. Attachments are used to down load packets on to your machine. If you receive an attachment that you’re not expecting and you don’t recognise the sender, it could well be a phishing attempt. Delete.
- Again on attachments – sometimes you can be asked to “enable macros” when you open it. Don’t, unless you know the person and it is from their business email.
- If you’re in any doubt about the legitimacy of an email, don’t open any attachments from it or click any links. Always check with the person – using a NEW clean email or phone – replying to dodgy emails might be playing right into the phisher’s hands.