Get Started Today!  732-747-9373   

Fotolia 68929807 M new

DeckerWright Corporation Blog

Verifying Messages

CyberCriminal

Cyber attacks have grown much more sinister and cunning over the past year. Cyber criminals are using multiple methods of messaging to get an unsuspecting user to respond and thereby allowing the cyber criminal the means to deploy their malware on your computer system. Here are some examples of recent threats:

  • Email Messages - Cyber criminals compromise or spoof an employee's or trusted senders email account and send out a plausible email sending the recipient to a website, a file link or download. If the recipient follows the directions, they allow the cyber criminal to install malware on their computer.
  • Phone Calls - Cyber criminals have become adept at "spoofing" phone numbers to make a call appear to be from a trusted source. If you receive a call from one of your vendors (eg, credit card company or bank) and they begin to ask for account of user credential information - HANG UP.
  • Text Messages - Cyber criminals are sending carefully crafted text messages with links that can compromise mobile devices. Following the link can install software on the device that allows cyber criminals access.
  • Social Media Messages - Messages from social media platforms can obtain links to websites controlled by cyber criminals. These may be a completely fictitious website, or a website that has been compromised by the cyber criminal to distribute malware to unsuspecting victims. Malware is often disguised as a document to be downloaded on an interesting topic.

How can you protect yourself from becoming a victim?  The first rule of cyber security is trust no one.  If you aren’t expecting to receive a message containing a link or file download, suspect the message is from a cyber criminal.  

The second rule is to verify the authenticity of the message using a different messaging method to a trusted address.  For example, if you receive an email with a link to a file from a trusted sender, but were not expecting the link, reach out to the sender to confirm the authenticity of the request.  DO NOT simply reply to the email asking if the email is okay.  If the cyber criminal has compromised the sender’s email account, they may be the ones responding to you that the email is okay.  Use an alternative messaging method like a phone call or text message to the sender to confirm the message’s authenticity.  Never respond to a sender by replying to the email, calling the number or filling out a form from a link in a suspicious message.  Always go to your contact list and reach out to the sender with a known safe message method.  If you get an email from your credit card company, never call the number in the email, always call the number on the back of your credit card.  This trusted verification process is similar to multi-part authentication used during logins.  Verify to a second, trust source before proceeding.

The third rule is to NEVER download and install either a plug-in or software from any website that is not fully trusted.  DO NOT trust web sites from trade associations and third party experts in your industry.  Website development for small business often use web developers who are not well versed in how to harden websites from being hacked leaving holes cyber criminals can exploit.  Be suspicious of any link that takes you to a location you have never been to before.  Verify the file download by contacting the entity to confirm its safety and authenticity before downloading anything. 

Cyber criminals continue to evolve their techniques for attacking businesses.  As always, knowledge is our best and last line of defense against their success.

Click HERE for more details.

Windows 10 Upgrade Options
Why Cyber Crime?

Mobile? Grab this Article!

Qr Code

Latest Blog

Verizon recently came out with its Gigabit internet connection service. We have several clients that have gotten the 1 GIG service only to find that they aren’t getting 1 GIG throughput when they run speed tests, including Verizon’s speed test. Why?There are two main factors...

Account Login