Solving problems and trying to make the world a more beautiful place through curiosity, creativity and kindness.
Protect yourself and your business from phishing attacks
Published 20/06/22 09:15 PM
262 2.5 mins
Written by Dean Harries
Since yesterday a phishing scam disguised as the Microsoft sign in page has been found. Attached is a fake file called "payslip.htm".
Once opened, the phishing site attempts to get the users details. If the user logs in, a script hosted at "swiss-fis.com" is run and the user then sees a fake invoice for $60,000.
It's important to protect yourself and your business from phishing attacks. Once an attacker has your credentials, they can move quickly to disable your access, and it can be difficult to regain access to your accounts.
The best way to protect your business from phishing attacks, is to make sure yourself and staff have 2 factor authentication enabled for all accounts.
That means if the attacker does receive someones password, they still need their phone, email access or authentication app before they can access the user account.
Email scams are a part of everyday business life, but if you educate your staff on some of the signs of suspicious emails, you can avoid most email scams.
There are 3 very basic things to look for when identifying suspicious emails.
If you're regularly emailing someone at "example.com", and you receive an email from "example-2352.com" - this is most likely a sign that the email should not be trusted.
If you open an attachment from a trusted source that takes you to a site requiring login details - check the web address.
An example is; if you're asked for your Microsoft password, but the web address says "thisisntmicrosoft.com" - there's a good chance it's a scam.
If you receive an attachment that isn't from a trusted source, you should never open it. However - phishing attempts can happen, when a company's email server is hacked and the attackers pose as real users.
In most of these cases, it's best to forward the attachment to your IT department so they can inspect the file.
I wrote an article on keeping your passwords secure, which I highly recommend if you want to store your passwords safely.
I can't stress enough how important and valuable your data is. Keep it secure and back it up. Things break, problems happen - but how good is that feeling when something does happen, and you're prepared.
While you cannot always avoid phishing attempts, by using multiple steps for authentication and backing up your data, you help reduce the risks associated with an attack.