Phishing schemes cost over $57 million in 2019, according to the FBI Internet Crime Complaint Center. Whether you’re operating a small business or a multinational corporation, find out how to assist your employees to recognize and avoid phishing scams. The best source of protection for your sensitive business information comes from managed IT services from a leading IT company, and here are some tips they would give.
1. Maintain the Latest Browser and Operating System Versions
Part of managed IT services is monitoring your operating system and browser updates. If even one computer in your company doesn’t have the latest versions, you may be at risk. These updates often include the latest anti-phishing filters.
2. Block Pop-Ups
One of the most common avenues of phishing scams is a pop-up window. Most browsers allow you to block pop-ups, so only allow these new windows when you’re sure it’s part of the legitimate website.
3. Don’t Click on an Email Link
Even if it’s an email from a trusted client, double-check the link to see where it would take you. Don’t click on it, but manually enter any suspicious URL. Many phishing links appear to be reputable sites but it only takes switching a few similar letters to make it appear legitimate.
4. Avoid Entering Personal Information Into an Unknown Site
A common phishing scam involves entering your personal information into an unsecure website. Don’t enter any PIN, social security number, or other personal information into an unknown site or pop-up until you’ve verified that it’s safe.
5. Delete Suspicious Emails
Generic sales pitches and offers that are too good to be true are often scams. Don’t open a suspicious email. If you receive an unusual email from a known client or individual, don’t be afraid to reach out via a new email thread to verify that the previous email was sent from the client.
6. Use a Standard Account
Using your administrator account for day-to-day operations exposes you to unnecessary risks. Switch to a standard account unless you’re performing administrative tasks. Even if you become the victim of a phishing scam or malware, your standard account has less access to sensitive information than an administrative account which would minimize the impact should your account get hacked.
7. Follow Browser Warnings
Treat any warning related to unverified sites as serious. Your browser may alert you that you’re about to enter an unsecured site, but it’s always better to be safe than to enter an unsafe site.
8. Use Malware Protection
Most browsers have malware protection. This can sometimes seem overly sensitive in sending warnings and blocking pop-ups, but it reduces your risk of being exposed to malware. Enable this protection and verify that every computer on your business network has it enabled.
9. Check for an Extended Validation Certificate
An Extended Validation, or EV, certificate helps keep you safe from suspicious or unsecured sites. You can verify the site by clicking on the padlock icon in the URL bar to see if the site is certified.
10. Be Proactive with 24/7 Network Monitoring
Your company has private data that needs to be secured. Work with a managed IT services provider for 24/7 network monitoring; this service helps you stay vigilant as phishing scams continue to evolve as hackers look for better ways to obtain your sensitive data.