(713) 682-4000 sales@westecservices.net

How to Avoid a Spear-Phishing Attack

What is Phishing?

The Benefits of Two-Factor Authentication

Posts Tagged ‘cybercriminal’

How to Avoid a Spear-Phishing Attack - WesTec Services

How to Avoid a Spear-Phishing Attack

As we discussed in a previous article, phishing is an attack that uses disguised emails as weapons aimed at masses of people. However, spear-phishing is a targeted attempt to steal sensitive information from a specific victim, such as account credentials or financial information.

During a spear-phishing attack, the perpetrator attempts to acquire personal details on the victim’s friends, hometown, employer, hang-outs, and their recent online purchases. This is typically done by disguising themselves as a trustworthy friend or entity through email, social media, phone calls, or text messages.

Because spear-phishing is the most successful form of acquiring confidential information online, it is important to practice how to avoid an attack.

How to Avoid a Spear-Phishing Attack - WesTec Services1. Beware what you post: Review your online profiles. How much personal information is available for potential attackers to view? If there is something you do not want the public to see, delete it, or ensure your privacy settings are properly configured.

2. Use smart passwords: It is not wise to use the password for every account you own. In this case, if an attacker has access to one account, they effectively have access to all of your accounts. Passwords with random phrases, letters, and numbers are secure.

3. Use logic with emails: If an organization sends you a link in an email requesting a specific action or sort of personal information, go directly to the organization’s site rather than clicking on the link. Calling the organization can also help clarify the issue. Real businesses will not email you asking for your username and password.

4. Update your software: Software systems include security updates that should help protect you from spear-phishing attacks, as well as others. If you receive notice of a new update, be sure to take advantage, or enable automatic updates.

  To learn more about how you can protect your data or sensitive information, contact the experts at WesTec.

What is Phishing?

Phishing is defined as a cyber attack that uses disguised emails as weapons. Hackers try to trick email recipients into clicking links or attachments they designed to steal personal information.

What is Phishing?

Here’s an analogy to better understand: Imagine a fisherman baiting a hook and tossing it into a lake in hopes of getting a bite. If a fish bites, the fisherman reels it in. But, if it doesn’t, the fisherman fails and the fish keeps swimming. Phishing is the same way. A cybercriminal can only gain access to your accounts or information if you fall for the bait. For example, a hacker might design an email disguised as your bank telling you your account has been compromised. They ask you to click on a link to verify your identity. If you click on the link and fill out the information, you have now provided them with the information to access your finances.

Types of Phishing

Hackers attempt to get victims to do one of two things to get what they want. Some cybercriminals try to trick you into giving up your information. This is similar to the bank example above. Other hackers prefer to have you download malware. Often, these types of emails will include a download attachment, often a .zip file or Microsoft document, embedded with malicious code.

How to Prevent Phishing Attacks

If you know how to spot a phishing attempt, you can avoid compromising your data and report it to the Federal Trade Commission. Here are the steps you can follow to confirm the identity of an email sender:
  • Always check the spelling of URLs in email links before you click
  • Watch out for URL redirects, where hackers sent you to a different website with identical design
  • If you receive a suspicious email from a source you know, contact them with a new email, rather than replying
To learn more about how you can protect your data and sensitive information, contact the experts at WesTec.
two-factor authentication benefits

The Benefits of Two-Factor Authentication

As technology continues to advance, additional security measures become necessary. Until now, single-factor authentication has been the standard. Single-factor authentication requires a username and password to enter an account. Consumers need additional security measures as cybercriminals become smarter. This is where two-factor authentication helps protect sensitive information and log-in credentials.  Two-factor authentication (2FA) isn’t a new concept, but is a necessary additional layer of security. It usually works by requiring the submission of a username and password, then asks for something additional to prove you are who you say you are. For example, some businesses will send a pin number to your cell phone you must provide for entry into a site.

Improved Security

With a second form of identification needed for verification, two-factor authentication makes it harder for an attacker to impersonate a user. In the event a cybercriminal gains password access, they can’t produce the additional element required to authenticate.

Increased Productivity and Flexibility

Employees can work remotely when their employers implement a second factor of authentication. They can securely access important applications, data, documents and back-office systems from any device or location with little risk.

Lower Security Management Costs

Approximately 40% of all help desk calls are related to password resets. With secondary authentication, businesses can expect less of the budget to be spent on security needs. It provides a safe way for employees or consumers to reset their account password by using the additional element to prove their identity, meaning they can handle the issue without contacting an IT professional.

Reduce Fraud

Identity theft is a common goal of cybercriminals. With two-factor authentication, businesses add extra mobile protection for customers, the site and the transaction. Adding a second element in your authentication process builds a sure brand consumers trust.  Ready to add two-factor authentication to your website? Contact your Houston IT experts.

Mission: WesTec will be a “turn-key” solution for all of its clients’ business connectivity needs. It will offer efficient and effective solutions, directly and with strategic partners, that create tangible value for its clients at every point of contact. Westec will serve all people and entities with a servant’s heart.

Get in touch

2916 West TC Jester Blvd., Suite 104

Houston, TX 77018


(713) 682-4000

sales@westecservices.net

Quick Feedback