Happy Wednesday and welcome to another exciting edition of PTG Tech Talk!
We’re going to take a wild guess and say this wasn’t the only email you received today.
In fact, it’s just one of 320 billion emails that Statista estimates were sent in 2021. That is about 12,000 emails per second, which is a lot and a perfect way to start talking about today’s topics:
🤔 Click it or ticket... wait, we mean Think Before You Click
🔒 Cybersecurity, simplified
🎣 If you took the bait, it's not too late
TECH TIP
Think before you click!
POP QUIZ: What about this screenshot makes it a true phishing attempt?
If you have no idea, don’t worry, that’s why we’re here today! Just use the “SLAM” Method: Sender, Link, Attachments, Message. In this instance, S (Sender) will give you all the information you need. Email-records.com is NOT Microsoft.com, so you can immediately know you should not trust the rest of the message.
No matter what it is, once you identify an email as a phishing attempt, always contact your IT team immediately. We’ll talk more about that in a second.
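The S (Sender) and L (Link) checks from SLAM can also be automated. The sketch below is an added example, not part of the original newsletter: the sample message is constructed around the email-records.com sender from the quiz, and the KNOWN_BRANDS table and the slam_check function are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: the display name claims Microsoft, the address does not.
SAMPLE = """\
From: "Microsoft Account Team" <no-reply@email-records.com>
To: user@example.com
Subject: Unusual sign-in activity
Content-Type: text/html

<p>Review: <a href="http://email-records.com/verify">https://account.microsoft.com</a></p>
"""

# Assumption: brands your users see, mapped to the domains they really send from.
KNOWN_BRANDS = {"microsoft": {"microsoft.com"}}

def domain_matches(host, allowed):
    """True if host is one of the allowed domains or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

def slam_check(raw):
    """Return a list of Sender/Link findings for one raw email message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    findings = []
    # S: the display name claims a brand the address does not belong to.
    for brand, domains in KNOWN_BRANDS.items():
        if brand in display.lower() and not domain_matches(sender_domain, domains):
            findings.append(f"sender: name claims {brand} but address is at {sender_domain}")
    # L: the visible link text shows one host while the href goes to another.
    body = msg.get_payload()
    for href, text in re.findall(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', body, re.I | re.S):
        target = (urlparse(href).hostname or "").lower()
        shown = (urlparse(text.strip()).hostname or "").lower()
        if shown and shown != target:
            findings.append(f"link: text shows {shown} but goes to {target}")
    return findings

if __name__ == "__main__":
    for finding in slam_check(SAMPLE):
        print(finding)
```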
HEADLINES
Keep IT simple
Remember that Colonial Pipeline breach that caused 50% of the East Coast to lose their fuel supply? Well, you may not be aware that the organization wasn't technically required to report that they were breached. However, when that many people don’t have access to gas, word gets around pretty fast.
Since the breach, several government agencies have shown interest in enforcing new rules that would require companies to report these types of cyber incidents.
Cybersecurity expert talks simple tips to keep your info safe at home and school | KXAN Austin
Key Takeaways:
“Phishing is when a scammer will try to bait and hook you in by impersonating a trusted source. So that could be a bank or government or maybe even a place where you shop frequently,” said Hoyt.
Phishing actually makes up 90% of all cyber security attacks, that’s why we’re talking about it!
When you receive a text or email that looks a little suspicious, check the link for inconsistencies. If it is a text, hold the URL to see where it is planning to redirect you.
Another way to help prevent attacks is to use different passwords for each of your accounts – make sure your social media passwords are different from your work logins.
As with most things in business, teamwork is foundational for progress in cyber security. If a department in your organization isn’t using MFA or changing their passwords regularly, the effort of everyone else can be in vain.
Three Ways To Improve Teamwork In Cybersecurity | Forbes
Key Takeaways:
If you want cyber security to be team oriented, it’s important to have color-coded playbooks:
Red or adversary playbooks detail the tactics, techniques and procedures (TTP) that make up common types of attacks.
Blue playbooks inform the actions of the security operations center (SOC) in response to specific actions by adversaries when actual attacks occur.
Organizational playbooks help executive management, the board of directors and communications teams direct an organization’s response to a major cybersecurity incident.
Gametime requires extensive practice for every team sport, cyber security included.
Regularly train your employees. Phishing email simulators and weekly cyber security quizzes are great starting points.
Conduct tabletop exercises. The cybersecurity team should work with executive management, the board and key departments to simulate the response of key parts of the organization to major cyber incidents.
Back to the basics. MFA and timely patching of software and hardware are table stakes for cybersecurity—the equivalent of ensuring that team players are healthy and in shape before the game.
DEEP DIVE
Phishing in the fall?
No jam bands or pescatarian prey here. No matter how robust your systems and strategies are, these phishing attempts are still finding success. Those trying to access your information are getting better at slipping those phishing attacks through the weak spots in platform email defenses.
1 in 5 phishing attempts actually gets to an inbox. So for this blog, we examined what happens when, inevitably, one of these emails has been clicked by someone at your organization. Specifically, we looked at what phishing really is, how to protect your business from its effects, and, when you do click on a malicious link, what comes next.
Here’s a quick breakdown of what to do when you inevitably get that call from someone on your team:
Contact IT
No matter what happened, IT always needs to know right away so they can start literally and figuratively unplugging things.
Change Your Passwords
Assuming everything is compromised, you’ll want to immediately change your passwords to stay ahead of whoever got in.
Change to 2FA/MFA
We’ll spare you the belligerence for ignoring our many pleas, but you’ll want to upgrade your entire roster to multifactor authentication.
Delete New Mail Flow Rules
As cyber criminals skulk around your network undetected, they often spend time constructing trap doors in the form of Mail Flow Rules.
Review All Recent Sent
Continue searching for issues by diving into both your sent and deleted folders to see what the attacker might have sent and where.
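For the mail flow rule review, IT can triage an export of mailbox rules instead of reading them one by one. The sketch below is an added example, not part of the original newsletter: the rule records, their field names, the organization domain and the incident date are all constructed assumptions, and the script only flags rules for a person to review.

```python
import json

# Constructed export of mailbox rules. The field names are assumptions for
# this example, not the schema of any particular mail platform.
RULES_JSON = """[
 {"name": "Newsletters", "created": "2021-03-02", "forward_to": [],
  "delete": false, "move_to": "Reading"},
 {"name": "Archive2", "created": "2021-10-12",
  "forward_to": ["inbox.copy@external.example"], "delete": false, "move_to": null},
 {"name": "sync", "created": "2021-10-12", "forward_to": [],
  "delete": true, "move_to": null}
]"""
RULES = json.loads(RULES_JSON)

ORG_DOMAINS = {"example.com"}   # assumption: the organization's own mail domains
INCIDENT_DATE = "2021-10-11"    # constructed: the day the phishing link was clicked

def audit_rules(rules, org_domains, since):
    """Map rule name -> reasons it deserves a manual look before deletion."""
    flagged = {}
    for rule in rules:
        reasons = []
        external = [a for a in (rule.get("forward_to") or [])
                    if a.rpartition("@")[2].lower() not in org_domains]
        if external:
            reasons.append("forwards outside the organization: " + ", ".join(external))
        if rule.get("delete"):
            reasons.append("deletes matching mail")
        # ISO dates (YYYY-MM-DD) compare correctly as plain strings.
        if rule["created"] >= since:
            reasons.append("created on or after the incident date")
        if reasons:
            flagged[rule["name"]] = reasons
    return flagged

if __name__ == "__main__":
    for name, reasons in audit_rules(RULES, ORG_DOMAINS, INCIDENT_DATE).items():
        print(name, "->", "; ".join(reasons))
```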
Conclusion
If you need more information on social engineering, phishing, or other general cyber security advice, we’re here for you in all those ways and more. Give us a call at (864) 552-1291 and we'll help you evaluate your capabilities and options for password managers and more! Also, consider following us on LinkedIn, Facebook, and Twitter!
PTG, 330 Pelham Road, Building A, Suite 200, Greenville, South Carolina 29615, United States, 8645521291