Modern cybersecurity solutions continue to develop and enhance an organization’s ability to protect itself from cyber criminals. Tools such as security appliances, email security, hardware tokens and multi-factor authentication all contribute to keeping bad actors at bay. Cybercriminals know that many organizations have a sophisticated, multi-layer approach to security, which is why they have changed their tactics. Instead of focusing on hardware or software exploits they have turned their attention to an easier infiltration point: human users.
Building a strong human firewall security mindset is critical to protect your organization and personal data. To stay vigilant, it is important to remember to Stop, Look, and Think during your daily operations. Whether you are receiving an email, answering a phone call, or simply browsing the internet, questioning requests that are made to you can safeguard your information.
For example, there has been an uptick in cybercriminals using compromised accounts from legitimate sources to both bypass traditional filters and exploit human weaknesses by sending from an account their victim recognizes. In this real-world example, a cybercriminal has compromised an account of a user at an organization that you work with. They then use this account to send an email to you with an attachment asking you to open it and review. Inside the attachment is an embedded link, and clicking it prompts you to enter your email and password to view the file. By entering your credentials, you’ve unknowingly given your information to the attacker.
Having a strong security mindset could have prevented this attack. When the email is received review the way it is written and consider the context of the message. Does it match the sender’s usual writing style? Were you expecting an email containing an attachment from this contact? Slowing down and taking the time to ask these questions before opening anything contained in the email could have prevented this attack. In this scenario, if the link was accessed then it is important to consider the request for credentials. Does it make sense in this situation that an attachment from a colleague would require you to enter your email and password? Your password should never be shared with others. When in doubt there are multiple courses of action to take before interacting with the email. One is to contact the sender via another method, such as a phone number you have previously contacted them at. You can then ask them if they sent this email/document, and if not, you can report the message to IT and let the sender know to investigate their account. CSOLVE managed customers can also contact our team to report suspicious emails and activity.
By implementing a security first mindset into your daily routine you can safeguard your organization and help mitigate threats to your accounts. Remember, the human firewall is the last line of defense! If you have any questions or are interested in signing up for CSOLVE’s security awareness training program, contact our team today.
The CSOLVE team will be participating in the upcoming Bowl for Kids’ Sake event supporting Big Brothers Big Sisters North Simcoe! Taking place across 3 nights in 3 of our communities, the event is a great fundraising event and a ton of fun. Looking to register a team or support the event? Sign up today: Bowl for Kids Sake 2024 | Big Brothers Big Sisters
Congratulations to our valued partner, the CLH Foundation, on their successful fundraiser, “A Red Carpet Concert”!
This incredible event took place last weekend and raised over $100,000 dollars in support of CLH Developmental Support Services! We had the honour of being a Gold sponsor of the event, and were blown away by the tremendous response! The work that the CLH Foundation does makes such a difference in our communities! Thanks to everyone who made “A Red Carpet Concert” such a resounding success! Read more about this event, the CLH Foundation, and how you can help here: A Red Carpet Concert | CLH Foundation