Spydernet has been a trusted technology partner for over two decades catering to digital presence and management needs for many leading brands globally.

Post your requirements here.

    Latest News

    Phishing – How to identify and avoid

    IT News September 15, 2021

    Phishing – How to identify and avoid

    Phishing attacks are one of the most common security challenges in keeping the information secure. Whether it’s getting access to passwords, credit cards, or other sensitive information, hackers use email, social media, phone calls, and any form of communication they can to steal valuable data. While both individuals and companies can be affected, Businesses, of course, are a hacker’s favourite target.

    There are various phishing techniques used by attackers:

    Embedding a link in an email that redirects an employee to an unsecure website that requests sensitive information

    Installing a Trojan via a malicious email attachment or ad which will allow the intruder to exploit loopholes and obtain sensitive information

    Spoofing the sender address in an email to appear as a reputable source and request sensitive information

    Attempting to obtain company information over the phone by impersonating a known company vendor or IT department.

    Here are a few steps a company can take to protect itself against phishing:

    Educate your employees and conduct training sessions with mock phishing scenarios.

    Deploy a SPAM filter that detects viruses, blank senders, etc.

    Keep all systems current with the latest security patches and updates.

    Install an antivirus solution, schedule signature updates, and monitor the antivirus status on all equipment.

    Develop a security policy that includes but isn’t limited to password expiration and complexity.

    Deploy a web filter to block malicious websites.

    Encrypt all sensitive company information.

    Convert HTML email into text only email messages or disable HTML email messages.

    Require encryption for employees that are telecommuting.

    There are multiple steps a company can take to protect against phishing. The best way to combat these threats is to educate the users that are targeted. Security awareness training programs can help teach users good habits, and should be followed up with sending fake emails to test the users. Users that fail should be retrained, disciplined or potentially terminated. Other methods include: Never click on a link in an email, open the browser and type the URL in manually. If you get a request from someone that seems ‘strange’ pick up the phone and verify the request. Have a security policy for employees with specific examples of how to deal with possible situations. Look for typos, poor grammar, misspellings or bad links to images in emails and websites. For any Information Security solutions, get in touch with us now at https://spyder.asia

    • Share Now
    Top comments
    • No Comments Yet For This Post
    • Post Your Comment Here

      Your email address will not be published. Required fields are marked *