Black Friday (24 November 2017) is marked with a flurry of online activity, which cybercriminals see as an opportunity to target victims using spear-phishing and malicious attachments harbouring ransomware.
Heino Gevers, Customer Experience Manager at Mimecast, explains the sudden peak of year-end cybercrime:
“Cybercriminals can use Black Friday to sneak into business systems unnoticed or activate malware, via unsuspecting consumers within an organisation.
Employees will be hitting the digital malls on business devices and over business networks. They’ll click on dozens of marketing emails advertising ‘not-to-be-missed’ specials, increasing the likelihood of a successful phishing attack or an accidental malware download.”
A recent study by Mimecast and Vanson Bourne shows that 58% of organisations in South Africa saw an increase in untargeted phishing over the last year, while 53% noticed an increase in spear-phishing (malicious links targeted at an individual or organisation).
Additionally, a third (32%) of organisations had sensitive data sent via email, by an employee, in response to a phishing attack. And Black Friday is peak phishing season, as marketing emails – legitimate and otherwise – flood inboxes.
Here are three simple rules to make you more secure and more importantly more cyber-resilient:
- Employee Training is Your First Line of Defence
As hacking methods advance, a cursory look at an email address or website URL is simply not enough to ensure authenticity. Cleverly designed duplicate websites and often-unnoticed website redirects could see employees inadvertently handing over access to your organisation’s data or systems. It’s essential that businesses train employees on email-safety best practices and how to approach suspicious emails with a particularly critical eye.
- A Multi-Layered Security Approach is Key
According to Gevers, “One of the best ways to keep businesses secure is layering of security. Start off with good firewalls, which should always be your first line of defence against a breach of your network, then add extra layers to email and the websites and apps your business uses. This layered approach makes the overall experience more secure for both vendor and customer.”
- Reliable data recovery is your Best Bargaining Chip
Ransomware is fast becoming the most common and damaging form of cyberattack. But your attackers will have little bargaining power if they are unable to separate you from your data permanently. That’s why a secure and reliable archive is your best chance of tipping the scales in your favour. An always-available archive allows you to restore your data should disaster strike.
- Stay online no matter what
It’s not only the data or monetary loss that you need to consider, downtime could cost you productivity and potentially customers and revenue. Be prepared to quickly and seamlessly switch to an available service, should downtime due to a cyber-attack occur. A continuity solution allows access to everyday tools, like Microsoft Outlook or G-Suite by Google Cloud, in the event of an outage. If PCs or the broader network are affected, it’s useful to be able to access email through the web or mobile continuity apps.
If you’ve covered these bases, your chances of falling victim to an email based attack this Black Friday will decrease dramatically, as will the impact of any attack that manages to slip past your tight protocols.