Are you sure that email came from a real company? Individuals are commonly targeted by cybercriminals claiming to be a large organization, copying the format legitimate companies and phishing for personal information.
This poses a real security threat to recipients but thankfully, there are steps you can take to spot phishing attempts:
Recognize
When it comes to identifying phishing attempts, there are a few important things to learn. Scammers are constantly switching tactics and creating new ways to trick email recipients.
Upon receiving a possible phishing email, check the sender for a domain email. If you have received an email from the person before, check to make sure alterations have not been made to the spelling of the name or email domain. Many scammers adjust a number or letter in the email to trick the recipient.
Real companies will not ask you for sensitive information over email. Most legitimate companies will call you by your name in the email, redirect you to a secure webpage, and ask you to log in before asking for or updating sensitive information.
Protect
Install proper security measures on your personal computer. While spam filters attempt to sort legitimate emails in your inbox, cybercriminals try new methods to slip through the cracks and outsmart this system.
If your email account or other websites offer a multi-step authentication option to prove your identity before accessing your information, always take advantage of this. Take any extra opportunities to better secure your data and ensure it cannot fall into the wrong hands.
In cases where you are unsure about the legitimacy of a message and files or hyperlinks are included, do not click on or open them. These often contain malicious software that attack your computer and gain access to information.
Report
If you find yourself in a situation with what you believe to be a phishing scam, contact the company using an email or number you know to be real. The company could confirm if that email was truly sent by them or not.
If you have received a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. You may also report the phishing attack to the FTC at ftc.gov/complaint.
For your business technology needs, WesTec Services is here to provide the security and support you need. Contact us by phone at (713) 682-4000 or by email at sales@westecservices.net to discuss what we can do for you.
When your computer slows down or begins acting in an unusual way, it may be infected with a virus or malware. While most malwares are annoying, others may be malicious and hijack your computer’s information. Here are some tips to keep your hardware safe and prevent your computer from becoming infected.
Install Anti-Virus Software
Installing an antivirus or anti-malware software is the first step to protecting your computer. Without some type of protection software, your computer is an easy target for hackers. It is important to make sure the software stays up to date as well. For the best protection, install updates regularly as they alert you on your computer.
Run Regularly Scheduled Scans
You should be scanning your computer regularly with the anti-virus software you install. To best protect your computer, schedule your scan one night every week. Make sure your computer does not shut down automatically or go into hibernation mode to ensure the scan completes.
Use a Secure Network
Always use a secure network for computers to connect to files, printers or internet. Using an open network makes it easier for hackers to access your information. This means you should avoid using your computer at places that offer free WiFi. If your business likes to offer complimentary wifi to customers, consider offering a guest wifi with a different password than your main network for added protection.
Think Before You Click
Good protection software will automatically scan any links or unusual emails on your computer. However, it does not hurt to always be cautious when opening an email from an unknown sender or making sure a link is taking you where it says it is.
Use Multiple Strong Passwords
Finally, never use the same password for all of your important accounts. We often use the same email address or username for all accounts. Knowing this, it becomes crucial to use multiple strong passwords to prevent hacks. Your passwords should be easy to remember, difficult to guess, and always avoids dates or names.
Following these tips can help protect your computers and information from viruses and malware. For more information on how WesTec’s IT experts can help your business keep its information safe from hackers, contact us.
Sometimes, accounts will ask you to update your passwords for security reasons. This often feels like an unnecessary task meant to make your life more complicated. However, in a world full of hackers and online predators, one must regularly update their password to protect valuable information.
Change Your Passwords Regularly…
By regularly changing your login information and passwords, you make it harder for someone to steal information. This is increasingly important for accounts without two-factor authentication. Communication accounts, like email and chatting apps, should also be updated every so often for increased protection.
…But Don’t Change Them Too Often
Traditionally, experts recommended you change passwords every 30 to 60 days–this is no longer the case. Mandatory password updates lead to money loss and lack of productivity with minimal security payoff. Now, changing your password doesn’t hold near the protection it used to. Because cybercriminals continue to learn more advanced hardware and software, they can typically discover your password if they look hard enough.
As humans, we tend to create patterns. This is no different in password creation. Typically, we use similar letters, numbers and themes when updating a password. Updating your password too often leads to confusion with little added benefit.
Keep Your Data Secure
As a rule of thumb, update your passwords when there is proof of some sort of security breach or online attack. This includes unauthorized use of an account or evidence of malware. By doing so, you’re preventing a hacker from gaining access into your personal accounts and obtaining sensitive, private information or data.
There are other ways to protect your data. Contact the experts at WesTec Services for more information about our cybersecurity services.
If you’re not sure how to create a secure password that will outsmart the online hackers, read our recent article for tips.
As we discussed in a previous article, phishing is an attack that uses disguised emails as weapons aimed at masses of people. However, spear-phishing is a targeted attempt to steal sensitive information from a specific victim, such as account credentials or financial information.
During a spear-phishing attack, the perpetrator attempts to acquire personal details on the victim’s friends, hometown, employer, hang-outs, and their recent online purchases. This is typically done by disguising themselves as a trustworthy friend or entity through email, social media, phone calls, or text messages.
Because spear-phishing is the most successful form of acquiring confidential information online, it is important to practice how to avoid an attack. 1. Beware what you post: Review your online profiles. How much personal information is available for potential attackers to view? If there is something you do not want the public to see, delete it, or ensure your privacy settings are properly configured. 2. Use smart passwords: It is not wise to use the password for every account you own. In this case, if an attacker has access to one account, they effectively have access to all of your accounts. Passwords with random phrases, letters, and numbers are secure. 3. Use logic with emails: If an organization sends you a link in an email requesting a specific action or sort of personal information, go directly to the organization’s site rather than clicking on the link. Calling the organization can also help clarify the issue. Real businesses will not email you asking for your username and password. 4. Update your software: Software systems include security updates that should help protect you from spear-phishing attacks, as well as others. If you receive notice of a new update, be sure to take advantage, or enable automatic updates.
To learn more about how you can protect your data or sensitive information, contact the experts at WesTec.
We place our information online every day. We’re more than happy to hand over our email, phone number, address and credit card information to purchase a product on the internet. In a world where ecommerce is becoming the standard, businesses must do what they can to protect customer data.
Follow Current Encryption Practices
Encryption practices change regularly to evolve and combat cybercriminals. Often, organizations who failed to stay up-to-date with the latest data protection trends fall victim to cyberattacks. To help protect customer data, create a recurring reminder to analyze your company’s security practices and make updates as necessary.
Limit Access to Customer Information
For additional protection, limit who within your business can view customer data. Not every employee needs access to customers’ personal information. When only necessary employees have access to customer information, hackers have a harder time finding a weak point to break into company databases.
Don’t Ask for Unnecessary Information
As a company, it is important to only collect the information you need to complete a transaction or service to your customer. Customers get weary when a business asks for unnecessary information. By only collecting necessary information, there is less for a hacker to steal. This protects customers and their livelihoods.
Educate All Employees on Security Policy
While you may limit who can view customer data, make sure every employee knows and understands the company security policy. Even though an employee may not have access to the customer database, their actions could affect the privacy of customers. For example, if someone were to take a company laptop to a coffee shop and used the open wifi, a nearby hacker could potentially break into the company’s database through the network and steal personal information.
Let Consumers Know Their Information is Protected
The best way to build consumer trust is transparency. Let customers know you value their privacy. Take it one step further by detailing how you work to keep customer information stored safely in a privacy policy.If you’re unsure of how your business should protect customer data, or if your company wants information on the latest encryption practices, contact the experts at WesTec Services. We can help you create strong security protocols and install encryption software for data security.
This holiday season, experts expect cyberattacks to rise by 60 percent. Retailers and consumers will see a spike in cybersecurity alerts on Black Friday and Cyber Monday, with heightened risk for the remainder of the year. Below are practices WesTec recommends to avoid online scams this Christmas.
Analyze Email Advertisements and Deals
Most attacks are a result of commodity malware. Scammers send phishing emails, often posing as your favorite brand, to try and steal your financial information. These emails often include misspelled words and misused grammar. If you suspect any email you receive is a scam, avoid clicking any URLs. This is how scammers steal your data or install malware on your computer. Instead, to verify the email came from the true brand, visit their website and see if they are offering the same deal.
Shop from Established Brands
Sometimes deals look too good to pass up. If an unknown website is offering a seemingly impossible deal, you could be looking at an online scam designed to steal your credit card information. Shoppers can look for the https in a retailer’s site URL, compared to http. The ‘s’ stands for secure and ensures all communications between the browser and website are encrypted.
Avoid Public WiFi
If you plan to shop online, avoid purchasing on public WiFi. These networks are often unsecured, meaning anyone with a computer acumen can view what you are browsing and steal your personal information.
Use a Credit Card
Pay with a credit card when making gift purchases. A credit card offers the best liability protection against potential fraud, unlike debit cards. If scammers gained access to your debit card information, they could drain your accounts.
Make Sure All Passwords are Unique
It’s easier to use the same password for all accounts. But is it safer? If a hacker discovered your login credentials, they could easily hack into other accounts and steal your information. To best protect yourself, your data, and your financial information, make sure each account has a random and unique password. For more information about password security, visit our recent blog post.With the holiday season quickly approaching, be proactive in identifying online scams. For more information about cybersecurity and avoiding attacks from scammers, contact us.
Have you ever been the victim of a cyber attack? Do you use the same password for all of your accounts? Follow our guide to outsmart the hackers with increased password security.
How Hackers Get Your Passwords
Before you can better protect your accounts, you must understand how cybercriminals access steal your information. Typically, a hacker will compromise your account in one of three ways.
Personal attack: Hackers target your account specifically. They will typically guess your email password and use password recovery options to access other accounts.
Brute-Force attack: Hackers systematically check all possible passwords until the correct one is found.
Data Breach: Hackers attack large companies, resulting in millions of compromised accounts.
What Makes a Good Password?
Ideally, your password should be at least 16 letters and contain a combination of numbers, symbols, uppercase and lowercase letters. Passwords should not include any repetition, dictionary words, usernames, pronouns or IDs. Make a strong password by thinking of a phrase and then use the initials of each word, as well as the numbers and symbols, to combat potential attacks. For example, if your phrase is “Do you think a hacker will guess my 16 character password for Facebook?!”, your password might be: Dytahwgm16cp4F?!
Enable Two-Step Authentication When Possible
If any sites or accounts offer two-factor authentication, take advantage of it. This system works to limit hacking attempts by making a user authenticate their identity with a second method of verification. Check out our recent blog post about two-factor authentication for more information.
Use a Password Manager
The best thing you can do for your accounts is have a different password for each one. However, if you follow this one cardinal rule of password security, keeping up with all passwords can be difficult. Using a password manager allows you to save all of your passwords in a secure spot with a strong master password. WesTec offers consulting for any individuals or businesses wanting more information about password security, network installation, or managed IT services. Contact us for more information.
Access control systems continuously evolve with the newest technology trends. In fact, they must keep up with updates to protect companies, their employees and data from threats. With a rising number of security breaches, we can expect more companies to install access control systems.
Access Control Reviews
Security breaches are encouraging companies to conduct full audits of access controls. Enterprises will review risks by user, role and business process to isolate and mitigate risks before they turn into high-profile breaches. By noting weak security measures, companies can make changes to better protect assets.
Individualized Access
In 2019, we saw to see a rising trend in individualized access. This ensures each person has their own username, password or identification code. Companies now have access to automated provisioning, which sets up user accounts and creates automated workflows based on job duties.
Security Patching
Hackers will do anything to break into security systems. While this has been a problem for decades, hackers are now specifically targeting overlooked points of access. To combat external threats, we expect access control systems to begin patching vulnerabilities, even if it means temporarily disrupting productivity.
Threat Identification
Next year, systems will continue and expand their use of data analytics to monitor and mitigate threats. Companies will use their dashboards to monitor access, but they will also run possible scenarios to reduce risk and conflict.
Cloud-based Systems
The need for analytics, automation and access will encourage more businesses to install cloud-based control systems. As companies increase their technology and mobile tools, they will want to protect their system in an effective way. As we prepare to enter a new year and decade, businesses shouldn’t ignore threats from potential breaches. Our expert IT professionals at WesTec Services can help you analyze your current strategies and install a system designed to deflect security breaches. Contact us to learn more about our access control systems.
As technology continues to advance, additional security measures become necessary. Until now, single-factor authentication has been the standard. Single-factor authentication requires a username and password to enter an account. Consumers need additional security measures as cybercriminals become smarter. This is where two-factor authentication helps protect sensitive information and log-in credentials. Two-factor authentication (2FA) isn’t a new concept, but is a necessary additional layer of security. It usually works by requiring the submission of a username and password, then asks for something additional to prove you are who you say you are. For example, some businesses will send a pin number to your cell phone you must provide for entry into a site.
Improved Security
With a second form of identification needed for verification, two-factor authentication makes it harder for an attacker to impersonate a user. In the event a cybercriminal gains password access, they can’t produce the additional element required to authenticate.
Increased Productivity and Flexibility
Employees can work remotely when their employers implement a second factor of authentication. They can securely access important applications, data, documents and back-office systems from any device or location with little risk.
Lower Security Management Costs
Approximately 40% of all help desk calls are related to password resets. With secondary authentication, businesses can expect less of the budget to be spent on security needs. It provides a safe way for employees or consumers to reset their account password by using the additional element to prove their identity, meaning they can handle the issue without contacting an IT professional.
Reduce Fraud
Identity theft is a common goal of cybercriminals. With two-factor authentication, businesses add extra mobile protection for customers, the site and the transaction. Adding a second element in your authentication process builds a sure brand consumers trust. Ready to add two-factor authentication to your website? Contact your Houston IT experts.
Experts estimate that the global market for cybersecurity products this year will exceed that of last year. At first glance, an increase in spending seems necessary and shows that businesses are becoming more aware of cybersecurity issues. But a closer look may prove otherwise. Learn why your company could be investing on cybersecurity products the wrong way.
Uncover threats and vulnerabilities
Every business should evaluate the current state of its cybersecurity by running a risk assessment. Doing so is one of the easiest ways to identify, correct, and prevent security threats. After discovering potential issues, you should rate them based on probability of occurrence and potential impacts to your business.
Keep in mind that risk assessments are specific to every business and there is no one-size-fits-all approach for small business technology. It all depends on your line of business and operating environment. For instance, manufacturing companies and insurance groups have totally different applications to secure.
After tagging and ranking potential threats, you should identify which vulnerabilities need immediate attention and which ones can be addressed further down the line. For example, a web server running an unpatched operating system is probably a higher priority than a front desk computer that’s running a little slower than normal.
Tailor controls to risks
Instead of spending time and money evenly on all systems, it’s best that you focus on areas with high risk. You should address these issues immediately after an assessment, but also put plans in place to evaluate their risk profiles more often.
Assess existing products
Chances are, your organization has already spent a great deal of money on security products and their maintenance and support. By conducting risk assessments more often, you can improve the strategies you already have in place and uncover wasteful spending. You may discover that one outdated system merely needs to be upgraded and another needs to be ditched. Remember, your existing products were purchased to meet specific needs that may have changed immensely or disappeared altogether.
It’s much harder to overcome cybersecurity obstacles if you’re not regularly evaluating your IT infrastructure. Contact our experts for help conducting a comprehensive assessment today!
Published with permission from TechAdvisory.org. Source.
Mission: WesTec will be a “turn-key” solution for all of its clients’ business connectivity needs. It will offer efficient and effective solutions, directly and with strategic partners, that create tangible value for its clients at every point of contact. Westec will serve all people and entities with a servant’s heart.
Get in touch
2916 West TC Jester Blvd.,
Suite 104
Houston, TX 77018
By regularly changing your login information and passwords, you make it harder for someone to steal information. This is increasingly important for accounts without two-factor authentication. Communication accounts, like email and chatting apps, should also be updated every so often for increased protection.
1. Beware what you post: Review your online profiles. How much personal information is available for potential attackers to view? If there is something you do not want the public to see, delete it, or ensure your privacy settings are properly configured.
Educate All Employees on Security Policy
Use a Credit Card
Have you ever been the victim of a cyber attack? Do you use the same password for all of your accounts? Follow our guide to outsmart the hackers with increased password security.
Cloud-based Systems
Reduce Fraud
2916 West TC Jester Blvd.,
Suite 104
sales@westecservices.net