Posted on 01 Jun 2020
If dealing with the challenges of a pandemic wasn’t enough, you and your business also must face up to the increasing number of cyber threats. Scammers are constantly adapting their tactics and have wasted no time in using COVID-19 as a tool to target financially vulnerable victims and businesses whose employees are working from home.
Phishing Emails…be on your guard
Phishing emails are the most prominent form of scam. During March 2020, ActionFraud reported a 400% increase in Coronavirus-related phishing emails. Many of these emails, targeted at businesses, impersonated HMRC or GOV.UK with information relating to Government grants or the furlough scheme, with the aim of obtaining bank details or stealing your passwords. Usually these emails contain a link to a fake website which then collects your information to extort money or harvest your passwords.
It's not just phishing
Phishing isn’t the only form of cyber threat you need to be aware of; the threat from other forms of scam is still out there.
Ransomware is where a person is tricked into visiting a malicious website which then downloads software to their computer. This malicious software encrypts your data, usually with a threat that the data will be permanently inaccessible if you do not pay a fee. The malicious software doesn’t stay contained on one computer: if you have access to files on your company’s server, these will also be encrypted.
Mandate/Invoice Fraud is where you receive an email purporting to be from a supplier or a company director. These emails are targeted at the users in your company who deal with payments, usually requesting a change of bank details or asking for a payment to be made by bank transfer.
Brute-force (dictionary) attacks may target your email accounts or remote access systems. The attacks try to gain access to these systems by trying common passwords; in many cases they are automated, so thousands of passwords can be tried in a short period of time. If your users have weak passwords, this type of attack is incredibly effective.
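As an added example (not code from the original post or from Impact Computing), here is the defender-side check for the automated password guessing described above: it reads a sign-in log and flags a source that fails many times against one account (brute-force) or once against many accounts (password spray), and notes whether a successful sign-in from that source followed the burst. The log format, the thresholds and the IP addresses are assumptions; the log lines are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample sign-in log (not from the original post), one attempt per
# line: "<ISO timestamp> <user> <source_ip> <FAIL|SUCCESS>".
SAMPLE_LOG = "\n".join(
    # 12 rapid failures against one mailbox from one source, then a success
    [f"2020-06-01T09:00:{s:02d} finance 203.0.113.7 FAIL" for s in range(12)]
    + ["2020-06-01T09:00:12 finance 203.0.113.7 SUCCESS"]
    # a user mistyping their password twice: normal, must not be flagged
    + ["2020-06-01T09:05:00 bob 198.51.100.4 FAIL",
       "2020-06-01T09:05:20 bob 198.51.100.4 FAIL",
       "2020-06-01T09:05:40 bob 198.51.100.4 SUCCESS"]
    # one failure against each of eight accounts, a minute apart (password spray)
    + [f"2020-06-01T09:1{s}:00 user{s} 192.0.2.9 FAIL" for s in range(8)]
)

def parse(log_text):
    # -> [(timestamp, user, ip, result)] sorted oldest first
    events = [line.split() for line in log_text.splitlines() if line.strip()]
    return sorted((datetime.fromisoformat(ts), u, ip, r) for ts, u, ip, r in events)

def detect(log_text, window=timedelta(minutes=5), fail_threshold=10, spray_threshold=5):
    """Flag source IPs whose failures inside any sliding `window` look like a
    brute-force run (>= fail_threshold failures) or a password spray
    (>= spray_threshold distinct accounts). `success_after` marks a SUCCESS from
    that IP after the burst: the account may be compromised, so check it first."""
    fails, successes = defaultdict(list), defaultdict(list)  # ip -> [(ts, user)]
    for ts, user, ip, result in parse(log_text):
        (fails if result == "FAIL" else successes)[ip].append((ts, user))
    alerts = {}
    for ip, attempts in fails.items():
        start = 0
        for end in range(len(attempts)):
            while attempts[end][0] - attempts[start][0] > window:
                start += 1                      # slide the window forward
            burst = attempts[start:end + 1]
            users = {u for _, u in burst}
            kinds = {k for k, hit in (("brute-force", len(burst) >= fail_threshold),
                                      ("password-spray", len(users) >= spray_threshold)) if hit}
            if kinds:
                a = alerts.setdefault(ip, {"kinds": set(), "failures": 0,
                                           "accounts": set(), "success_after": False})
                a["kinds"] |= kinds
                a["failures"] = max(a["failures"], len(burst))
                a["accounts"] |= users
                a["success_after"] |= any(t > burst[-1][0] for t, _ in successes[ip])
    return alerts
```

Running `detect(SAMPLE_LOG)` flags 203.0.113.7 as brute-force with a success afterwards and 192.0.2.9 as a password spray across eight accounts, while bob's two typos are left alone.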
What protection is available?
From an IT perspective, there are measures that Impact Computing can put in place to mitigate these threats.
For email-based threats, if your company is using Microsoft 365 (formerly Office 365), there is built-in protection available. Basic protection from malware is available in all Microsoft 365 subscriptions, which aims to prevent malicious emails with attachments from reaching your mailbox.
For added protection, Microsoft offer Advanced Threat Protection (ATP). This is available as an add-on to your existing subscription but is included with Microsoft 365 Business Premium plans. ATP guards you against phishing emails by scanning links and attachments before they are opened. Users are also warned when fake emails impersonating a company director are detected. Impact Computing will work with you to tailor this protection to your business.
If one of your computers gets infected with malicious software, your antivirus software won’t always catch it, as these malicious applications constantly evolve to evade detection. Quite often, the first time you notice something is wrong is when you cannot access one of your files and by that time, the malicious software has already encrypted hundreds or thousands of your files not just on your computer but your company server as well.
Unless you want to pay thousands of pounds to the scammer in the hope that they will restore your files (not always guaranteed that they will), the most effective and quickest resolution is a good backup solution. With a Datto backup solution from Impact Computing, you have the peace of mind that the data stored on your company server is protected both on-site and in the cloud. Once the source of the infection has been isolated, this solution allows your company data to be quickly restored with minimal downtime for your business.
The weakest link
Even with all the available technological solutions, none of them gives 100% protection from cyber threats. In the end, the last line of defence is your employees, and I think it’s probably right to say that they are also the weakest link.
Most of your staff will be familiar with the fact that email scams are a threat but how many of them actually know:
- How to identify a suspicious email?
- The importance of secure passwords?
- Not to use the same password for multiple services?
- What to do to report a suspicious email or a potential breach?
Impact Computing proactively monitors for suspicious activity on your Microsoft 365 accounts and will act if we spot unusual activity. When we do detect this activity, it is usually after an account has been compromised and, if the account has been compromised for some time, the damage may already have been done. That is why it is important that users report anything suspicious as soon as possible.
Educate your staff
We have seen companies get breached and some who have lost money to scammers. In a few cases, the same user is compromised multiple times. Clearly, educating your users is of utmost importance, particularly now that under GDPR, breaches must be reported to the Information Commissioner’s Office. Failure to do so can be extremely costly to your business. The eye-watering fines for this could be up to €10 million or 2% of your company’s global annual turnover.
Ignorance is never an excuse; the security of your company’s data and its systems are of paramount importance. Technological solutions combined with vigilant users are the key to beating the scammers.
The National Cyber Security Centre recommends these key points your users need to know:
Defend against phishing attacks
Know the techniques that phishers use in emails, how to identify these emails and what to do if a link is clicked in them.
Secure your devices
Don’t ignore software updates – this not only applies to your PC and laptop but also your tablet and smartphone. Impact Computing will ensure your company equipment receives the latest security updates, but users need to ensure their personal devices are kept up to date especially if they are accessing their work emails and files on those devices. Those devices should also have PIN, password or fingerprint/face ID protection enabled.
Use Strong Passwords
Create strong passwords for all your business accounts. Use password managers rather than writing down your passwords. Use two-factor authentication for important websites and services.
Report Incidents Promptly
If you are in any doubt as to the authenticity of an email, do not hesitate to ask for guidance. The Impact Computing support teams are always happy to take a look.
If you do notice anything suspicious, or you believe you may have clicked on a suspicious link, report it immediately. It’s OK, we all make mistakes but failing to report it promptly could be an even bigger mistake.
Phishing emails can now be forwarded to firstname.lastname@example.org. This is a new service run by the NCSC (National Cyber Security Centre); they will look at the phishing email and act to take down any malicious websites.
If your company has been unfortunate enough to lose money to a scammer, this should be reported to ActionFraud through their website actionfraud.police.uk.
The team at Impact Computing have been working hard to produce training articles and videos which will aid in the education of your users. This material can be found on our help centre and our YouTube channel.
The NCSC offers a free online cybersecurity training course for your users which can be accessed here: https://www.ncsc.gov.uk/training/top-tips-for-staff-web/story_html5.html
If you want to discuss your company’s cybersecurity, please call us on 01772 684 282. Whether you are an existing client or want to find out how we can assist your business, our team is happy to help.