Many phishing attempts can be thwarted simply by educating your employees. Even if you catch red flags in an email, such as typos or poor grammar, an urgent demeanor, or even a spoofed domain, how can you truly decipher the safety of an email?
An immediate step you can take is to watch out for one of the most critical tell-tale signs of a phishing email – a mismatched or fake URL.
Why is hovering important? What can it do for you?
Hovering not only allows you a moment to think before proceeding, it allows you the opportunity to see where a link is going to redirect you. This is especially important because not all links lead to where they appear, or insinuate they'll go.
When you hover, check for the following to ensure you're staying safe and secure:
Alert from KnowBe4 - Hovering Over Links
Sep 30, 2022 9:00:00 AM / by KnowBe4 posted in IT, Cyber-Security, Ransomware, Cybersecurity, Email Compromise, Vendor Email Compromise, VEC, Cybercrime, Cyber Crime, Small Business, Phishing
Ransomware + Data Breach Attacks = Expensive Incident
Apr 28, 2020 11:04:31 AM / by James Keeler posted in IT, Ransomware, Cybersecurity, Email Compromise
The Maze group, which is behind the relatively new REvil/Sodinokibi ransomware, has doubled down on the malicious functionality of their malware. The ransomware now exfiltrates large amounts of live data before encrypting the victim’s systems; and the Maze group threatens to dump that data online if the victims don’t pay. Not wanting to be left behind in how much damage they can do and potential money they can extort from businesses, other cybercriminal organizations are starting to jump on this bandwagon as well, including the LockBit ransomware developers.This means that whereas before “ransomware was just ransomware” (which is a bad enough crisis for a business), now it also must be considered a potential data breach, requiring all of the costly and potentially embarrassing notifications, forensic investigations, legal costs, and disclosure involved in that process. Also, if you’re in NYS, don’t forget about SHIELD data breach notification requirements.
If you’re not already doing everything you can to prevent these kinds of attacks from victimizing your business, the potential costs of an incident have just increased exponentially. Insurance and good backups are no longer good enough to weather the business disruption of a ransomware incident.
Should I Pay the Ransom?
Jul 9, 2019 1:05:15 PM / by James Keeler posted in IT, Cyber-Security, Ransomware