A week doesn’t go by without the publication of another virus/ransomware/hacking story. Unfortunately, people still are getting caught out and falling victim to the attacks, the most recent a Facebook instant messenger scam. This was where a fake YouTube video contained a hijack setup. This convinced people to log in with their Facebook username and password, at which point the malicious software infected their message profile and emailed the same message to all the contacts of the affected person, and so it went on. On the surface, this hacking attack seems not to have caused much damage, but unfortunately, you can never be too sure it hasn’t left more malicious software behind for something else to strike.
So, how can these scams be avoided, and what is the best way to manage your internet safety in the highly connected world? There are several steps everyone should be taking:
Stay Updated:
Keep your Windows and Apple devices up to date with all patches and upgrades. Some of the most recent issues exploited holes that should have been fixed with patches released many months earlier. If you still have Windows XP in your environment, don’t use it to connect to the internet.
Install Anti-Virus Applications:
Make sure you have anti-virus and anti-spyware program installed and make sure it’s updated. Windows Defender included free with Windows 10, combined with another application like ESET internet security provide good protection. Will they provide 100% protection? – unfortunately, it’s not guaranteed so everyone still needs to think before they click.
Don’t click links:
Most attacks use some form of social engineering to trick the end user into clicking on a link or enter usernames and passwords. The degree of sophistication and skills these malicious attacks employ just keep growing, making it harder for end users to determine if its real or not. There are still some key things to remember that will help:
- Don’t click on links in emails, even if you know the person who sent it. Hovering your mouse over the link can let you see if it’s from the originator of the email, but it’s safer to not click on links at all.
- Avoid entering your username and password into any email originated message. Legitimate suppliers won’t ask for your login and passwords. The same applies to unsolicited callers on the phone. They should never ask for your username and password.
- Read emails carefully, badly worded emails with poor English/grammar are often a sign of a scam.
- Don’t ignore popup messages – reading the window can raise a red flag, so be sure you don’t simply blindly click YES. If not sure, close the window and see then what doesn’t start up.
Backups are critical:
If all else fails and unfortunately you do get infected, then backups become the last form of defence. Infections like ransomware are predominately designed to make money for large organised crime syndicates. Ransomware will encrypt your data and there are only two ways to recover that data, either pay the ransom or recover your data from backups. Even backups can be at risk from ransomware and best practice is to have three copies of data. One on your machine, another easy to restore local copy and the third “offsite” in some form of cloud backup destination.
It’s a complicated world connecting to the Internet, but the benefits outweigh the risk, especially when taking some key precautions as outlined above. As in all aspects of business getting advice from specialists like Stressfree IT can help refine and improve your IT security. StressFree IT provides solutions that meet the specific needs of small business in the Hawke’s Bay. Our aim is to work with business owners and identify the best technologies to provide a reliable and cost-effective IT solution. IT systems should deliver value through reliability, improved collaboration and be easy to support – in summary just take the stress out of IT.