October is Cybersecurity Awareness Month. Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks. Cyberattacks can take many forms — ransomware, data-harvesting malware, phishing and more.
You might be thinking, “Do we really need an entire month devoted to cybersecurity awareness?” The truth is, it’s smart to be aware of cybersecurity risks at all times. Statistics show that internet-based crime is dramatically on the rise. In fact, the FBI reported losses of $4.2 billion related to cybercrime in 2020 — a significant increase from 2019. Now is a great time to evaluate your processes and systems to make sure you’re prepared in the event of a potential cyberattack.
Recognizing a Cyber Threat
How confident are you that you can spot a phishing attempt? The bad actors have become much more sophisticated. It’s no longer just the ones we’ve been seeing for years, like messages promising a long-lost inheritance.
Recently, I received an email that had the subject line, “Message to All Staff.” The body of the email contained our logo and text that sounded legitimate regarding our COVID-19 safeguards.
“In an effort to keep all team members safe and informed, as well as our business protected, included here are the precautions that have been put in place,” the message read.
The email came through while I was walking my dog early in the morning, and it gave me pause. I had to look at it a couple of times to be sure it was not legitimate. But there were plenty of clues.
First, it came from an external email address. It also purportedly came from a department at our company, but the department name was not quite right. And there was a suspicious link to additional information in the body of the message.
I am constantly reminding people not to click on links, so fortunately, I followed my own advice and instead reported it to our internal helpdesk. I averted a crisis, but if I had not been paying close attention, I could have easily fallen prey to a scam.
Educate Yourself and Evaluate Your Risks
We want to help you become more confident in your ability to spot a scammer and reduce your chances of becoming a victim of cybercrime. The American Bankers Association has great quiz to help you test your ability to spot a banking scam. It can be found at www.banksneveraskthat.com.
The Cybersecurity & Infrastructure Security Agency offers lots of resources and tips for small businesses here.
Below are a few things to watch for in communications:
- Is the communication asking for confidential information?
- Are there suspicious links or attachments?
- Is the communication creating a sense of urgency to respond?
With increased awareness of potential threats and the proper tools in place, you can protect yourself and your organization. Let us know if we can help.