(713) 682-4000 sales@westecservices.net

How to Spot Phishing Attempts

When Should I Update My Passwords?

How to Avoid a Spear-Phishing Attack

Hack the Hackers with Password Security

4 BYOD security risks you should prepare for

Fortify your data, physically

It’s Time To Disaster-Proof Your Business

Location

Creative

speed

reliability

Posts Tagged ‘data protection’

How to Spot Phishing Attempts - WesTec Services

How to Spot Phishing Attempts

Are you sure that email came from a real company? Individuals are commonly targeted by cybercriminals claiming to be a large organization, copying the format legitimate companies and phishing for personal information. This poses a real security threat to recipients but thankfully, there are steps you can take to spot phishing attempts:  

Recognize

When it comes to identifying phishing attempts, there are a few important things to learn. Scammers are constantly switching tactics and creating new ways to trick email recipients. Upon receiving a possible phishing email, check the sender for a domain email. If you have received an email from the person before, check to make sure alterations have not been made to the spelling of the name or email domain. Many scammers adjust a number or letter in the email to trick the recipient. Real companies will not ask you for sensitive information over email. Most legitimate companies will call you by your name in the email, redirect you to a secure webpage, and ask you to log in before asking for or updating sensitive information.   How To Spot a Phishing Attempt - WesTec Services

Protect

Install proper security measures on your personal computer. While spam filters attempt to sort legitimate emails in your inbox, cybercriminals try new methods to slip through the cracks and outsmart this system. If your email account or other websites offer a multi-step authentication option to prove your identity before accessing your information, always take advantage of this. Take any extra opportunities to better secure your data and ensure it cannot fall into the wrong hands. In cases where you are unsure about the legitimacy of a message and files or hyperlinks are included, do not click on or open them. These often contain malicious software that attack your computer and gain access to information.  

Report

If you find yourself in a situation with what you believe to be a phishing scam, contact the company using an email or number you know to be real. The company could confirm if that email was truly sent by them or not. If you have received a phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org. You may also report the phishing attack to the FTC at ftc.gov/complaint. For your business technology needs, WesTec Services is here to provide the security and support you need. Contact us by phone at (713) 682-4000 or by email at sales@westecservices.net to discuss what we can do for you.
When Should I Update My Passwords? - WesTec Services

When Should I Update My Passwords?

Sometimes, accounts will ask you to update your passwords for security reasons. This often feels like an unnecessary task meant to make your life more complicated. However, in a world full of hackers and online predators, one must regularly update their password to protect valuable information.

Change Your Passwords Regularly…

When Should I Update My Passwords? - WesTec ServicesBy regularly changing your login information and passwords, you make it harder for someone to steal information. This is increasingly important for accounts without two-factor authentication. Communication accounts, like email and chatting apps, should also be updated every so often for increased protection.

…But Don’t Change Them Too Often

Traditionally, experts recommended you change passwords every 30 to 60 days–this is no longer the case. Mandatory password updates lead to money loss and lack of productivity with minimal security payoff. Now, changing your password doesn’t hold near the protection it used to. Because cybercriminals continue to learn more advanced hardware and software, they can typically discover your password if they look hard enough.

As humans, we tend to create patterns. This is no different in password creation. Typically, we use similar letters, numbers and themes when updating a password. Updating your password too often leads to confusion with little added benefit.

Keep Your Data Secure

As a rule of thumb, update your passwords when there is proof of some sort of security breach or online attack. This includes unauthorized use of an account or evidence of malware. By doing so, you’re preventing a hacker from gaining access into your personal accounts and obtaining sensitive, private information or data.

There are other ways to protect your data. Contact the experts at WesTec Services for more information about our cybersecurity services.

If you’re not sure how to create a secure password that will outsmart the online hackers, read our recent article for tips.
How to Avoid a Spear-Phishing Attack - WesTec Services

How to Avoid a Spear-Phishing Attack

As we discussed in a previous article, phishing is an attack that uses disguised emails as weapons aimed at masses of people. However, spear-phishing is a targeted attempt to steal sensitive information from a specific victim, such as account credentials or financial information.

During a spear-phishing attack, the perpetrator attempts to acquire personal details on the victim’s friends, hometown, employer, hang-outs, and their recent online purchases. This is typically done by disguising themselves as a trustworthy friend or entity through email, social media, phone calls, or text messages.

Because spear-phishing is the most successful form of acquiring confidential information online, it is important to practice how to avoid an attack.

How to Avoid a Spear-Phishing Attack - WesTec Services1. Beware what you post: Review your online profiles. How much personal information is available for potential attackers to view? If there is something you do not want the public to see, delete it, or ensure your privacy settings are properly configured.

2. Use smart passwords: It is not wise to use the password for every account you own. In this case, if an attacker has access to one account, they effectively have access to all of your accounts. Passwords with random phrases, letters, and numbers are secure.

3. Use logic with emails: If an organization sends you a link in an email requesting a specific action or sort of personal information, go directly to the organization’s site rather than clicking on the link. Calling the organization can also help clarify the issue. Real businesses will not email you asking for your username and password.

4. Update your software: Software systems include security updates that should help protect you from spear-phishing attacks, as well as others. If you receive notice of a new update, be sure to take advantage, or enable automatic updates.

  To learn more about how you can protect your data or sensitive information, contact the experts at WesTec.

Hack the Hackers with Password Security

hacker attempting to steal passwordsHave you ever been the victim of a cyber attack? Do you use the same password for all of your accounts? Follow our guide to outsmart the hackers with increased password security.

How Hackers Get Your Passwords

Before you can better protect your accounts, you must understand how cybercriminals access steal your information. Typically, a hacker will compromise your account in one of three ways. 
  • Personal attack: Hackers target your account specifically. They will typically guess your email password and use password recovery options to access other accounts.
  • Brute-Force attack: Hackers systematically check all possible passwords until the correct one is found.
  • Data Breach: Hackers attack large companies, resulting in millions of compromised accounts.  

What Makes a Good Password?

Ideally, your password should be at least 16 letters and contain a combination of numbers, symbols, uppercase and lowercase letters. Passwords should not include any repetition, dictionary words, usernames, pronouns or IDs. Make a strong password by thinking of a phrase and then use the initials of each word, as well as the numbers and symbols, to combat potential attacks. For example, if your phrase is “Do you think a hacker will guess my 16 character password for Facebook?!”, your password might be: Dytahwgm16cp4F?!

Enable Two-Step Authentication When Possible

If any sites or accounts offer two-factor authentication, take advantage of it. This system works to limit hacking attempts by making a user authenticate their identity with a second method of verification. Check out our recent blog post about two-factor authentication for more information.

Use a Password Manager

The best thing you can do for your accounts is have a different password for each one. However, if you follow this one cardinal rule of password security, keeping up with all passwords can be difficult. Using a password manager allows you to save all of your passwords in a secure spot with a strong master password.  WesTec offers consulting for any individuals or businesses wanting more information about password security, network installation, or managed IT services. Contact us for more information.

4 BYOD security risks you should prepare for

4 BYOD security risks you should prepare for

 August 23rd, 2018
4 BYOD security risks you should prepare for

Personal computing is with us wherever we go. Thanks to the rise of the mobile industry, smartphones and tablets allow us to take work home with us. And with the bring your own device (BYOD) strategy, businesses have never been so productive. However, BYOD can pose a number of security risks if you’re not careful. Here are some BYOD security issues you should know before implementing it.

Data leakage

The biggest reason businesses are wary of implementing a BYOD strategy is because it can leave the company’s system vulnerable to data breaches. Personal devices are not part of your business’s IT infrastructure, which means that these devices are not protected by company firewalls and security systems.

Employees might also take work with them to places outside of your company premises that don’t have adequate security settings, thus leaving your system vulnerable to inherent security risks.

Lost devices

Another risk your company has to deal with is the possibility that employees will lose their personal devices. If devices with sensitive business information get lost and fall into the wrong hands, anyone can gain unauthorized access to valuable company data stored in that particular device. Therefore, you should consider countermeasures and protocols for lost devices, like remotely wiping a device of information as soon as an employee reports it missing or stolen.

Possible hacking

Personal devices tend to lack adequate data encryption to keep other people from snooping on private information. On top of this, your employees might not regularly update their devices’ software, rendering their devices and your IT infrastructure susceptible to infiltration.

Connecting to open WiFi spots in public places also makes your company vulnerable and open to hackers, because hackers may have created those hotspots to trick people into connecting. Once the device owner has connected to a malicious hotspot, attackers can see your web activity, usernames, and passwords in plain text

Vulnerability to malware

Viruses are also a big problem when implementing BYOD strategies. If your employees use their personal devices, they can access sites or download mobile apps that your business would normally restrict to protect your system.

As your employees have the freedom to choose whatever device they want to work with, the process of keeping track of vulnerabilities and updates is considerably harder. So if you’re thinking about implementing BYOD strategies, make sure your IT department is prepared for an array of potential malware attacks on different devices.

BYOD will help your business grow, but it comes with IT security risks that you should be prepared to handle.
Need help mitigating these BYOD risks? Call us today, and let’s find the best IT security solutions for your company.

Published with permission from TechAdvisory.org. Source.

Mission: WesTec will be a “turn-key” solution for all of its clients’ business connectivity needs. It will offer efficient and effective solutions, directly and with strategic partners, that create tangible value for its clients at every point of contact. Westec will serve all people and entities with a servant’s heart.

Get in touch

2916 West TC Jester Blvd., Suite 104

Houston, TX 77018


(713) 682-4000

sales@westecservices.net

Quick Feedback