Continuing our two-part series looking at the most common cyber security threats your business faces, here are six more you need to be aware of.
Phishing
Passwords are typically the weakest link in your IT defences. If hackers can steal a password, they immediately gain a foothold inside your network. Get hold of the right password and they can cause untold damage as a fully authorised network user.
Phishing describes any technique used by hackers to trick your users into handing over their credentials. They may be encouraged to log into a legitimate-looking website for instance. Or they may be sent an email purporting to be from their senior manager asking them to share their logins. Some may be asked to download a file which later turns out to be password-stealing malware.
The best way to deal with phishing is education. Teach your users what to be aware of – and establish tough guidelines about never sharing or disclosing passwords.
Catfishing
A specific spin on general phishing techniques, a catfish is a fraudster who sets up a fake online persona to establish personal relationships with other internet users. Typically, catfishing works by creating a romantic attachment with a victim who is then exploited for financial or material gain. In some instances, criminals may use catfishing techniques to steal passwords or other sensitive personal data that can be sold or reused.
Spam
Spam can be described as any unwanted email message, creating something of a grey area for many internet users. Blatant spam is usually sent from an anonymous address, advertising generic medications or promising untold riches from Nigerian princes who simply need your bank account details to facilitate an international bank transfer.
However, some people would regard any marketing emails as spam – even if they originally opted into the mailing list of a legitimate retailer.
To reduce the load on your mail server (and to keep your employees on track), consider using a spam filtering service to block the most blatant junk before it enters the network.
Identity theft
The holy grail for many cybercriminals is to acquire enough personal information to allow them to impersonate their victims. By compromising an online bank account, hackers can drain balances, take out loans and commit other frauds worth many thousands of pounds. They can then set up new accounts elsewhere, repeating the fraud many times over until the victim is alerted to the problem.
Phishing emails are a common starting point for identity theft scams.
Cryptominers
Bitcoin, Ethereum and other cryptocurrencies promise untold riches – particularly to those who dedicate computing resources to ‘mining’ new digital tokens. The process itself is perfectly harmless – so long as the crypto miner is using their own computers.
Greedy cybercriminals may install crypto-mining software on victims’ computers, diverting resources like CPU cycles and RAM to mining activities. The victim’s computer will slow down and become unresponsive – very similar to a malware infection.
Indeed, antimalware software is vital for preventing illicit crypto miner software from being installed.
Firewall
Not a cyber threat, but a vital tool in the fight against online crime. Your firewall is an important defence that controls what enters and leaves your network.
Acting like a gateway, your firewall should inspect all incoming and outgoing traffic, automatically blocking suspicious activity. A well-configured firewall will help to prevent many of the attacks described in this article – and in Part One too.
Get help
For more help and advice about the cyber security threats facing your business – and how to mitigate them – please give the WTL team a call.
If you missed Part 1 you can view this blog article here.