It's tax season and cyber criminals are working overtime. Are you a Human Firewall?
Tax season is a prime time for online scams and this year, the threats are more dangerous than ever before. From phishing scams looking to catch valuable personal and financial information, to IRS impostors looking to cash in on your tax refund, to Word files infected with ransomware that encrypts your files for ransom. Sure, your devices may be protected with antivirus and anti-malware software, and your local network is protected with a firewall (it is, right?), but what about you? Do you how to spot a phishing scam? The first line of defense against cyber threats is you. Are you a Human Firewall?
The National Cyber Security Alliance (NCSA) has some easy-to-use tips that will help you be a Human Firewall against cyber criminal's tricks.
- Keep All Machines Clean: Having updated software on all devices that connect to the Internet is critical. This includes security software, web browsers and operating systems for PCs and your mobile devices. Having current software is a strong defense against viruses and malware that can steal login credentials or potentially use your computer to generate spam.
- Get Two Steps Ahead: Turn on two-step authentication – also known as two-step verification or multi-factor authentication – on accounts. Many popular email services and financial institutions offer this key security step for free, but you must opt in to turn it on.
- Make Better Passwords: If your passwords are too short or easy to guess, it’s like giving a cyber thief your banking PIN. Longer passwords and those that combine capital and lowercase letters with numbers and symbols provide better protection.
- Get Savvy about Wi-Fi Hotspots: Public wireless networks are not secure. Cyber criminals can potentially intercept Internet connections while you are filing highly personal information on public WiFi.
- When in doubt, Throw It Out: Links in email are often the way bad guys get access to your personal information. If it looks weird, even if you know the source, it’s best to delete.
- Think before you act: Be leery of communications that implore you to act immediately – especially if you are told you owe money to the IRS and it must be paid promptly.
Watch that Word file!
It was only a matter of time, but someone finally did it. A new ransomware strain amateurishly named "Locky" is professional grade malware that uses a Microsoft Word attachment that has malicious macros in it, making it hard to filter out. Over 400,000 workstations were infected in just a few hours, data from Palo Alto Networks shows. Antivirus engines are being updated to catch it, but it took several days to get there, so you cannot rely on endpoint security tools with new attacks like this. The bad guys use social engineering twice to trick the user first into opening the attachment, and then to enable the macros in the Word file. The email message will contain a subject similar to ATTN: Invoice J-98223146 and a message such as "Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at the bottom of the invoice".
Having Business-grade Backup and Restore Capabilities is the new Gold Standard
It is critical that you have a regular routine to backup your files and user data as well as knowing how to restore the data from a backup. Should you find yourself in the position of having lost your files, a few hours of work to restore them from backup is far better than the permanent loss of your invaluable data. Having a backup and restore plan is a top priority, but it's not enough. The security of your data and local network starts with you - be the Human Firewall.
For a no-cost assessment of your data security, please call Ntelogic @ +1 (209) 322-9621 or email us @ firstname.lastname@example.org.