Current Cyber Threats – What You Need To Know

September 14, 2018

Home » Blog » Current Cyber Threats – What You Need To Know

We all hear about cyber threats and hacks virtually every day and most of the time there’s alot of technical jargon involved. I’ve
written this article to explain what some of the most common types of threats are and what you need to look out for.

There are a number of ways that you and your business are at risk from cyber threats.Â Three of the most common include â€“

Brand-jacking/Credential Harvesting â€“

Scenario –

Usually done initially through an email
Fools victim into thinking that email is legitimate
Pretending to be a reputable company like Microsoft or a bank or well-known business
Directs victim to a very real looking log-in screen (which is fake)
Asks victim for username and password for that website to enable them to log in.
Once this has been entered, scammer has victims credentials and has full access to victims account.

Tips â€“

Check language very carefully in emails â€“ Dear customer, dear <email address> are red flags
Check the senders email address to ensure that they are who they say they are.
Hover over the link in your email to check the web address to see if it is legitimate
Use a URL scan to check if there is record of the web-site being malicious or spam â€“ https://www.virustotal.com
If you do click on link â€“ check that the website address is legitimate and again it is who they say they are.
Set-up additional security for yourself on critical web-sites and services.Â This could include multi-factor or two-factor authentication.
If in doubt, don’t click on it.Â Ask your IT

Spam Emails Containing Malware

Scenario –

Comes in an email with an attachment or link
Fools victim into thinking that email is legitimate
Pretending to be a reputable company
Directs victim to open file or click on link
Once victim performs action, malicious payload is installed onto the computer
Most common type is crypto/ransomware which encrypts all files on computer and spreads to network.Â Only recovery is from backup.Â Other
malicious software can include key loggers which steal credentials.
Some businesses take decision to pay ransom which is a huge risk.

Tips â€“

Check language very carefully in emails â€“ Dear customer, dear <email address> are red flags
Check the senders email address to ensure that they are who they say they are.
If there is a link – hover over the link in your email to check the web address to see if it is legitimate.
Use a URL scan to check if there is record of the web-site being malicious or spam â€“ https://www.virustotal.com
If there is an attachment, what is it called?Â Does it have a generic name like invoice.pdf etc
If you do click on link â€“ check that the website address is legitimate and again it is who they say they are.
Set-up additional security for yourself on critical web-sites and services.Â This could include multi-factor or two-factor authentication.
If in doubt, don’t click on it.Â Ask your IT.

Brute Force Hacking –

Scenario â€“

Usually performed by a skilled ‘hacker’
Targets businesses with perceived poor security
Usually doesn’t involve user/staff interaction
Targets poor passwords or ‘back-doors’ to provide access to the business computer network or business application.
Once inside the network or application hackers can steal information, install malicious software and cause major disruption.

Tips â€“

Ensure that password policies have been set-up properly for all staff.
Ensure no accounts are set with non-expiring passwords.
Provide staff with access to what they need, not what they want.
Ensure your external network security is strong.
Set up additional security for business applications including multi-factor authentication.
Ensure that security alerts are set up so that your IT knows when there are hacking attempts.
Get an expert to perform regular reviews of your cyber security.

As I’ve talked about numerous times there are precautions you and your business can put in place to help prevent the majority of cyber
threats from impacting you. These include –

Install suitable end-point security software on all computers and servers
Install a security firewall to protect your network
Install an email anti-spam and email security solution
Set-up password policies and configure complex passwords
Configure multi-factor authentication where you can
Educate and raise awareness of threats
Take out cyber insurance

If you’d like any further information or assistance with your cyber security please call us on 1300
478 738
or email us at info@suretyit.com.au

<s”am

Contact Us

The Ultimate Guide to Managed IT Services

January 11, 2024

Navigating Data Privacy Regulations: An Extensive Guide for Australian Businesses

December 8, 2023

Unlocking Productivity: The Transformative Impact of MSPs on Business Operations

November 29, 2023

Find out how we can help with your IT challenges.

About the author:

Ash Klemm

Ash has over 20 years of experience in sales and marketing.His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow.After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need.His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder.His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.