Ransomware is the most common cyber-security threat that businesses are now facing with 74% of businesses facing an information security breach in the last year.
Falling victim to Ransomware will lock you out of your files and demand a ransom in order to resume access. Your data could be permanently lost if you can’t restore from a backup or you don’t pay the ransom to the cybercriminals.
The Email Tricks Criminals Use to Deceive your Employees
Most ransomware is transmitted via email. Unfortunately, email spam filters don’t catch everything – and cyber criminals know the best practises to get through them.
The days where spoof emails were easy to spot are over. Spoof emails now look VERY similar, even identical, to the real thing.
Be wary of invoices, parcel tracking emails, emails from your bank and any other unexpected email.
Emails are now often timely and relevant too, perhaps riding a popular trend such as pokemon go, or a big news story.
Tip: Hover over links to check where they are really pointing to. The URL that appears on hover is the real one. There may only be a small difference, e.g. barclay.co.uk instead of barclays.co.uk, or bankofarnerica.com instead of bankofamerica.com
Lack of Employee Education the Number One Reason Ransomware Attacks Succeed
User training and education is the best way to prevent your business from becoming a statistic.
You’re only as strong as your weakest employee. Are you confident that ALL of your employees would spot the signs of a fake email designed to get them to click a link or download an attachment?
Unfortunately, traditional training of employees is never 100% successful. You need to ensure that ALL of the information sinks in for every employee.
Employee training and education can’t be a one-off event. Three months after the training, cyber criminals have improved their methods, and the lessons your employees learnt have faded.
You need to continually reinforce and test your employees to achieve the maximum protection.
Start Creating a Security Policy for Your Business Now
Are your employees aware of what emails they should or should not click on?
Are they aware of what information about themselves they’re allowed to tie to your company online through social media and personal websites?
Are they educated to recognise suspicious phone calls to the business?
Are they allowed to install their own software on their work PCs?