I’ve mentioned this before in another blog, but I felt like it should be something that is definitely talked about more. As much security technology there is in this day and age there are some things that just can’t be taken for granted…your co-workers are your last line of defense against digital attacks.
I know it can be said that with all of the hardware and software vendors out there promoting their most current ways of protecting companies and individuals there shouldn’t be a need to be pro-active when it comes down to worrying about malicious attempts to access your data. Or worse, damaging your equipment in the process. Unfortunately that isn’t the case. Just because a company may boast about having the most current heuristic, zero-day, or other types of pre-emptive virus, malware, ransomware scanners, and blockers it doesn’t mean that you’re completely protected.
Sure, the products out there today do an amazing job of blocking all types of malicious activity, but it doesn’t mean that they can catch everything out there. Especially when now they can come in the form of word docs, PDF’s, and all other forms of URL re-directs that end up in your email and make it seem that you’re dealing with the legitimate company you think they are. I’ve seen some pretty good knock-off sites and emails that would make you second guess that you aren’t actually talking with the company that you think you’re supposed to be talking to.
I think sometimes companies forget the one point of failure that can happen to any company at any time…how your co-worker handles a potential issue. Even with all of the firewalls, email virus/spam catchers, and virus software in-place it doesn’t mean that something as small as an infected attachment in an email or a link to an infected site within the body of the email that might make its way into someone’s inbox. It comes down to how they handle that email that can end up making all the difference.
Taking the time to educate your co-workers about issues that are happening can make all the difference as to whether or not you might end up with the next biggest threat coming across your network. Showing examples of some of the things they might see is a great way to inform and educate. It could even save them from an issue at home or by passing the information on to friends and family about malicious activity to watch out for.
Here’s some tips to always watch out for if you’re not sure if you’ve come across something malicious:
- Make sure that the email that you’re opening is from someone that you know or might have dealt with in the past. (Yes, sometimes emails can still come from someone that you know and still be malicious. Due to the great amount of hacked email accounts and passwords, this happens more than you may realize. It’s knowing to reach out to that person if you think that the email might not be legit before clicking or opening anything)
- If there is an attachment in an email and it seems like a legit company, but you’re not sure, reach out to IT and have them take a look first. (A lot of times IT can load that attachment onto a system that isn’t part of the network and verify if the item is legit or a fake. I would rather get a 100 emails asking me if an attachment is legit than to have someone open it up and cause an issue)
- If an email kind of looks like it’s from a legit company, but something seems off don’t click on links that might try and get you to log into your account or to reset a password. (This is one of the easiest ways for hackers to try and gain your personal information. Not only can they gain usernames and passwords this way, but most people tend to use the same info for multiple accounts. That can be very dangerous as now they have credentials that might be able to get them into multiple accounts. A lot of times just hovering your mouse over the link can give you more information as to where the link is actually going. Your best bet is to use a bookmark that you know is legit and login and check your status that way. Or contact the company directly and ask about any issues that might pertain to the email that you received.)
Taking time periodically to go over the current issues out there can help mitigate a potential issue and can also help educate not only those issues for themselves, but help out a friend or family member as well. Being pro-active about issues with your co-workers can be the biggest and possibly your last line of defense against what could end up being a serious company catastrophe.
By Brian Easley | People Science Director of IT