As your business steps into a new year, ask yourself – are you taking measures to protect your investment? From financial to sweat equity, you put your all into owning and running a small business. For many people, that means missing out on life’s little moments to ensure your family is provided with everything they need.
While you may be budgeting for dance lessons for your child or home improvement needs, there’s one thing you should always keep in mind. There are people out there hell bent on disrupting the lives of innocent, unsuspecting people. Hackers are plotting phishing attacks and hoping to dupe you into clicking a link that allows them access into your life.
5 Tips To Keep Your Small Business Safe From Phishing Attacks
Moving forward, make sure your business is up to the task of identifying and eliminating phishing attacks.
1. Educate Yourself & Your Employees About Common Phishing Tactics
Education is key to avoiding falling victim to a phishing attack. But there are a few things you can keep an eye out for starting now:
- Emails from addresses that look slightly different from normal
- Typos or strange phrases in emails that otherwise look official
- Over-pixelated photos or brand logos
Hackers often impersonate legitimate businesses to dupe people like you into clicking on dangerous links. For instance, if you have an account with Chase Bank, you probably receive emails from them often. But you may receive emails that appear to be from Chase, but the spelling is off by a letter or two. Even if it seems legit, don’t click on any links inside the email. Always open a new browser and type the URL of the bank to access your online banking safely.
Additionally, in their attempts to pull one over on you, hackers will pull graphics they find online to make their emails look like the real thing. This will often be obvious when the graphics are too pixelated or just look a little off.
Brooks IT Services comprehensive solutions include teaching you and your employees about phishing tactics. Contact us today to keep your business, yourself, and your employees safe from hackers.
2. Keep Your Antivirus & Antispyware Software Updated
Do you hit “remind me later” every time a notification pops up to update your antivirus or antispyware software?
This is a common response but isn’t advisable. You have defensive software to keep you safe. And for it to work properly, it needs to be updated regularly.
Software works to the best of its ability by learning new data through updates. Since hackers are coming up with new phishing tactics daily, if not hourly, your software needs to stay aware.
If you keep putting off the updates, your software only knows to look out for what was happening before your last update. With the world changing, ransomware taking bites out of huge companies, and hackers on a never-ending mission to steal from small companies like yours, it’s time to put your defensive software to work.
3. Set Up Two-Step Authentication
Do yourself a favor by going ahead and setting up two-step authentication. Whether or not you run your business online, hackers are looking for ways to get into your system.
There are a number of ways hackers get your information. A data breach could release your passwords. If you’re in the habit of reusing passwords across multiple sites (as dangerous as that is), you’re basically giving a stranger access to your files and even financial information.
However, if you have two-step authentication set up, they have another wall keeping them away from your most important data. This is because even with your password, there is a second step in proving your identity with each login.
There are a few ways to utilize two-step authentication, which is also known as two-factor authentication (2FA) and multi-step authentication.
Text Code
This may be the most popular form of two-step authentication. When you log in to a website, a code is texted to you. Newer phones will detect this and autofill the code into the appropriate field for you. On older devices, you may need to either copy and paste or write down the code and then enter it into the field on the website. Keep in mind, text code is only as safe as your phone is. Keep your phone secure at all times with a passcode and/or facial recognition.
Email Code
Another popular way to use two-step authentication is by having the website email you a code. However, just like text code, this is only as secure as your email. Make sure you are the only person with access to your email account and change the password often. Furthermore, all devices you use to access your email must also be secure with unique and hard-to-guess passwords.
Authenticator App
The most secure way to use two-step authentication is through the Google Authenticator App. Instead of linking secure access codes through text or email, the codes link to this app.
Even when you’re not using the app, the codes for the different linked websites change every 30 seconds. So even if someone has your password and somehow sees your secure code on the app, it will be ineffective within 30 seconds.
This route leaves the hacker creeping over your shoulder with the equivalent of an old password that’s already been updated.
While an authenticator app is the most secure, any form of two-step authentication will increase your security against phishing attacks.
Need help setting up two-step authentication? Get in touch with Brooks IT Services to get your network security up to speed.
4. Avoid Insecure WiFi Networks
When you’re out running errands and find yourself standing in line waiting to return your latest purchase, do you find yourself thumbing through your phone?
Since our phones are basically attached to our hands these days, it’s a common distraction when we’re bored or trying to wait patiently. And I’m sorry, but that email or social media post needs to wait. Yes, even when you’re waiting for your double shot hazelnut frappe with extra cream and chocolate sprinkles on top.
The reason for this is that public WiFi networks are not secure. Using public WiFi can leave you vulnerable to hackers and their phishing attempts. They can gain knowledge about you to use in finely crafted emails and text messages to trick you into clicking on links.
If and when you click on these links, you give the hacker full access to your devices and online life. All the hard work you’ve put into building your small business could go out the window. Your best bet is to wait until you’re at home or in your office with a secure WiFi connection to access your online accounts.
5. Implement Passwords Protocols
It’s amazing that all that may stand between your business’s success and downfall is a password. Yep, even the password of your new employee could disrupt all the hard work you’ve put into building your small business.
To keep your business, finances, family, and employees safe, you need to implement password protocols. This can include:
- All passwords change monthly or quarterly
- Passwords don’t include any personal or professional information
- The passwords should be unique and hard to guess
- Each password should include upper and lower case letters, numbers, and special characters
Set a company wide alert to remind yourself and your employees to change passwords at your preferred intervals. Make sure passwords are not written on sticky notes where anyone can see. You never know the true intentions of the person delivering water or even your newest intern. It’s always better to be safe than closing your business because you can’t afford to come back from a phishing attack.
Ready To Look Forward To A Prosperous 2022 (Sans Phishing Attacks)?
Brooks IT Services provides comprehensive IT services to small Houston businesses to help them grow. If your small business needs help with efficiency and security, we can get you on the right track.
With IT managed services, we can keep your network in tip-top shape and keep you and your employees aware of the latest phishing tactics. Contact us today to learn how we can help your business.