Don't Be The Weak Link!

One might think that the biggest risk to an organization’s information security is its technology,  but in fact, the biggest risk is the actions or inactions of its employees.  Human error has become a major weakness today and is one that is easily exploited by cyber criminals. In actuality, one study showed that almost 90 percent of cyber-attacks are caused by human error or behavior.

 
IT-support-managed-services-cybersecurity-small-business-oil-gas-Midland-Texas-human-error.jpg
 

To ensure that you are not your organization’s weak link, please review the following:

  • Use special caution with an email that:

    Requests confirmation of personal or financial information with high urgency.

    Requests quick action by threatening user with frightening information.

    Is sent by unknown senders.

  • Never divulge personal information via phone or on unknown websites.

  • Do not click on links, download files, or open email attachments from unknown senders.

  • Beware of emails that ask the user to contact a specific phone number to update user information.

  • Never divulge personal or financial information via email.

  • Beware of links to web forms that request personal or login information, even if the email appears to come from a legitimate source. Phishing websites are exact replicas of legitimate websites.

  • Beware of pop-ups; never enter personal information in a pop-up screen and don’t click on a pop-up.

  • Be sure to make on-line transactions only on websites that use the HTTPS protocol. Look for a sign that indicates that the site is secure (e.g., a padlock on the address bar).

  • Beware of phone phishing as well. Never provide personal information over the phone if you receive a call.

  • Never post personal information, such as a vacation schedule and home photos on social media. Never click on links and videos from unknown origin and never download uncertified applications.

  • Verify online accounts regularly to ensure that no unauthorized transactions have been made.

  • When in doubt about a request, pick up the phone and call the requestor. Do not inquire via email as the requestor’s email account may be controlled by bad actors.

To close, remember that if you have the slightest doubt or hesitation about an email or request, don’t act on it. It’s simply not worth it.

BlogNet Ascendant IT Solutions Midland Texascybersecurity, phishing