23Nov

Don’t Get Hooked! Spear Phishing Prevention Best Practices

By Phishing, Small Business IT Management

Unfortunately, phishing attempts are now part of our daily lives—and although they may be more commonplace, that doesn’t make them any less dangerous. Successful phishing attacks can cripple a business operationally and can also cost a fortune between ransomware “fees” and lost profit. Whereas phishing emails may be random, and sent to any number of recipients, spear phishing attempts are much more targeted and therefore much more dangerous. The average financial loss associated with a successful spear phishing attack as of 2016 was $1.6 million (with some payouts upwards of $50 million) and as online attackers grow increasingly savvy, understanding how to safeguard your business from spear phishers is vital.

Because spear phishing attempts prey on our innate trust, and our likelihood as humans to make mistakes, it is crucial that businesses and associates understand which best practices to put into effect to guard against these attacks. Below, the team at Avatar Computer Solutions has compiled a list of phishing prevention best practices which when put into effect will help keep your systems safe and your information out of the wrong hands—potentially saving you and your business a small fortune.

1. Stay Informed

When a string of muggings hits a neighborhood, chances are those residents will want to know as much as they can about the attacker. Just as knowing what height, weight, and build the attacker was can help residents stay alert and avoid an attack, recognizing the signs of a spear phisher can accomplish the same goal. Here are some things to look out for: 

  •  Non-specific greetings: “Hello user,” or “Attention Amazon customer” should be an obvious red-flag, but keeping your guard up and your eyes peeled for these greetings can help avoid becoming a spear phishing victim. 
  • Typos galore: There’s a good chance anyone reading this has received an email from an entity claiming to be a business or a service provider, yet unable to properly capitalize “PayPal.” While these typos may seem like an obvious giveaway, even phishing emails with an abundance of spelling errors can scare victims into clicking via threats of account deletion or even legal action. 
  • Links and attachments: Oftentimes spear phishing emails will follow a threat of account deletion with a link, usually preceded by a prompt such as “click here to regain access”. Under no circumstances should you open a link or an attachment unless you are 100% certain of its sender. 

While these may be age-old signs of spear phishing attempts, new methods are being implemented every day. Employing a healthy sense of skepticism regarding emails of unknown origin, paired with routine security training sessions, can help keep users informed on the latest spear phishing tactics and keep information out of the hands of ransomware attackers.

2. Keep Private Information Private

Since spear phishing attacks are targeted, they rely on personal and private information to be effective. Information can be easily harvested by spear phishers from social media—where you live, what kind of car you drive—and when in the hands of these attackers even the most minute details can be weaponized. For this reason, in order to avoid giving spear phishers information to use against you in ransomware attacks, it is recommended that all social media accounts be made private. While this shields your information, it is also wise not to volunteer too much personal information on social media in the unlikely event that an account is compromised. Keeping private information locked down or off social media altogether gives spear phishers less ammunition to use against you and can save your business.

3. Invest in a Proven Defense System

While it is crucial that teams stay informed and take every precaution to avoid volunteering key information to spear phishers, humans ultimately have a tendency for mistakes. A study compiled by Comparitech discovered that 97% of users cannot correctly identify a spear phishing email, meaning it is more important than ever to have a back-up plan in place. The Cyber team at Avatar Computer Solutions takes a proactive approach to spear phishers, so attackers are thwarted before they even get a chance to strike. Attackers will continue to look for every vulnerability, but a solid managed cybersecurity system from Avatar will keep you several steps ahead of spear phishers at all times. 

For businesses of any size a successful ransomware attack can be devastating, and those wanting to protect their business should implement these phishing prevention best practices immediately. Security threats are constantly looming, and businesses without a spear phishing defense system are sitting ducks. Contact Avatar Computer Solutions today to ensure you have the best possible defense against spear phishers. 

Share this post

Author

Related Posts

04Jan

Solve Problems Before They Arise With Proactive IT Management

Information Technology professionals are quite accustomed to solving problems as they arise, but what if there was a way to... read more

16Dec

Crush Your Small Business IT Goals with Rock Solid Strategy

Small business IT goals are fundamental! If operating a small business was easy, then everyone you know would have a thriving... read more

22Apr

Out With the Old, In With the New – Upgrade Your Tech with Section 179

When new employees join your business, are they saddled with hand-me-down technology that’s seen better days? If you’ve tried to... read more

22Apr

Does Your Company Need a vCIO? Take Our Self-Assessment

If you’ve never heard of a virtual CIO, you probably assume you don’t need one. But, virtual CIOs, or vCIOs,... read more

22Apr

How to Integrate IoT into Your Business: A Checklist for Getting Started

The Internet of Things (IoT) is impacting thousands of businesses every day, from connecting endpoints – like mobile devices, televisions... read more

22Apr

5 Catastrophes that Made IT Disaster Recovery Critical in 2017

“Disasters don’t happen here.”That kind of thinking can be tempting when you’re deciding what IT recovery plan to include in... read more

22Apr

Five Myths About the Cloud – Debunked!

It’s human nature to be wary of something new, something different – something that seems too good to be true.... read more

22Apr

What? You’re Not Using Office 365? If You’re In The Weeds, We Can Help

Chances are that your competition is already using the Microsoft Office 365 suite of tools to maximize their productivity and... read more

22Apr

Three Ways Your Managed Services Provider Minimizes IT Downtime

What do you think of when you hear that the server/network/system is down? Is it customer dissatisfaction, loss of productivity,... read more

22Apr

Invest in Yourself with Section 179 Tax Deduction

Invest in Yourself with Section 179 Tax DeductionThink about it, a new employee joins your business, chances are they are... read more