Security: A National…, Big Business…, Small Business…, Home…, Everyone Concern
As you read this, consider that the United States Government is still investigating one of the largest, most intrusive cyber security breaches in history. It doesn’t matter if you see this in February 2021 or perhaps several months later. Hacks like this are not simplistic; they are calculated months in advance, diverse in the entry points used, and implore sophisticated tools to continuously cover tracks and shift focus. For that reason, it will take a long time to assess the full damage done and truly understand the necessary safeguards to keep it from happening again… or more accurately put …limit the severity of the next breach.
So, how does this affect you? Well, consider what happened for a moment. One of the most secure networks in the world was bypassed for two reasons. 1. It was targeted by a highly intelligent group that understood their target and 2. What they understood was that the U.S Government relies on a network of partnerships between agencies and private security contractors. We won’t delve too much into the details of who and what is at fault, but the important takeaway here is that we all share a similar problem. No, we don’t all house Top Secret Government data. Instead, we ALL interact with vendors and partners on a daily basis. Customer information, product designs, our personal banking records; to you that’s as top secret as it gets. Whether you are a Fortune 100 Enterprise, a small business, or just a home user online shopping, this creates a dangerous window quite often taking the form of a malicious email.
Phishing attacks aren’t new by any means, but they are getting better. Take a look at the below email.
- Bad spelling
- Weird Subject Line
- Email says it’s from Amazon, but also references another address
Compare this with another email we received here at Outline.
Anyone who has visited our Learning Page or Store has seen that we have a great partnership with Individual Software. The idea that we would receive an invoice from them is not out of the ordinary at all.
This email was not random nor immediately obvious to be malicious. It was relevant to our business, our partnerships, relied on the urgency factor by referencing an important invoice, and most terrifyingly was able to spoof the email address. Unfortunately for the sender, we are extremely diligent here out Outline and flagged it immediately.
If you’re at a small business you likely have your own list of growing vendors that constantly send important documents and designs. Similarly, as a home user there are times when you simply can’t ignore an urgent notification regarding a recent purchase, shared document, or software update. Here are our tips to keep you safe from emails like this and reduce your risk for viruses, ransomware, and data theft.
- Never open an attachment or click on a link you were not expecting without VERIFYING IT FIRST.
Reach out to the sender (separate email, do not reply to the original one) and confirm that they sent it.
- Do not use email links to update information.
We’ve all received an email from a bank or online account saying “Password / Address update needed”. Some of these may be perfectly harmless, but common updates are often publicly known which gives cyber criminals the perfect window. Simply log into the application in a different browser window and check for the update notification there.
If you HAVE to click on the link hover over it first and at a minimum and make sure the URL looks legitimate.
- Take your time and look for the obvious
- Spelling Errors
- “Dear Reader”
- Incorrect signature
- Different font. @Outlinesoftware.com and @Outlinecom are not the same
- Have a safeguard.
We get it. Vendors send you attachments that you need to open. Because this risk will always exist, make certain you have the right tools to keep you safe if and when someone tries to take advantage of this window.
Don’t just scan documents with traditional antivirus. Make sure you have a solution that utilizes behavior analysis as this can catch files that evade scanning by hiding in RAM.
To keep your files safe from Ransomware be sure to apply backup that explicitly mentions Ransomware Protection and encryption in the protection features.
Most importantly however, just stay vigilant and pro-active. You are the best security for your company and your personal information.
If you ever receive an email or message from Outline that you are unsure of DO NOT hesitate to reach out. We’ll never send you something too urgent for a quick confirmation.