28 October 2022

8 Things You Can Do Every Day To Protect Yourself From Cybercriminals

Cyber Awareness Tips and Training

There are two sides to cyber security: software and humans. Cybercriminals are constantly trying to find faults in code, systems, platforms and applications and whilst unsecured endpoints are a serious cybersecurity risk, human error poses a greater threat. According to Verizon's 2022 Data Breaches Investigations Report, 82% of data breaches involved a human element.

This means that you are your own worst weakness. However, once you are aware of this, you can start making proactive changes to protect yourself and your confidential information. October is Cyber Awareness Month, and the theme is “See Yourself in Cyber”. So we wanted to arm everyone with the simple actions they can take to defend themselves and others from cyberattacks.

Keep an eye out for phishing clues

Spelling and grammar errors are common signs that an email isn't legitimate. Cybercriminals are looking for a way through your inbox. Be mindful of phishing tactics and check for clues.

  • Email phishing

    Phishing is a type of social engineering where a cyberattacker sends spoofed, fake, or otherwise deceptive messages to trick you into revealing sensitive information or to deploy malicious software,  like ransomware, on your infrastructure. 

  • Spear phishing 

    Spear phishing involves an attacker directly targeting a specific organization or person with tailored phishing communications.

  • Whaling

    Similar to spear phishing, whaling refers to spear phishing attacks directed specifically at senior executives and other high-profile targets.

  • Smishing

    Similar to email phishing, except attackers use cell phone text messages to deliver the "bait".

  • Angler phishing

    This new type of phishing attack targets social media users. Cyberattackers disguise themselves as customer service on social media to trick a disgruntled customer and obtain their personal information or account credentials.

Beware of links and attachments

Hover over a link in an email to check the URL before clicking on it. Be sure you trust the sender before you click on links or download attachments. Especially if they end in .exe, .cab, .htm or .jar.

Use multi-factor authentication

Add an extra step to the verification process for transactions and data access. A single mistake can be costly without a two-step process to verify an email instruction to transfer funds or grant access to sensitive data.

Encrypt sensitive communications

Use encryption whenever possible to convey sensitive information. If you need to send sensitive information via email, consider using encrypted attachments in case they fall into the wrong hands.

Corroborate information

Be careful of scare tactics in emails. Verify them through a trusted alternative source. Some scammers will make bogus claims from institutions like banks, hospitals or the government with a link for more information that leads to a fake site.

“Act Now” is a red flag

Emails that demand immediate action warrant suspicion. If an email tries to alarm you and insists you click a link or provide personal information, there is a good chance it's a phishing scam.

Keep personal information private

If an email asks for personal details like your ID number, don't provide it. Legitimate entities should never request personal data via email. Don't respond to these emails or click on any links in them.

Tailor bulk invoice messaging

Craft a good message for the body of bulk invoice emails. When doing mass billing, you differentiate your emails from generic invoice spam by differentiating them with branding and a decent message.

Cybersecurity awareness should be everyone’s priority. So do your part and be proactive about protection, not just during Cybersecurity Month, but every month of the year.