Call (716) 373-4467

Phishing continues to be a top exploit for small business breaches, and companies should take notice. Of the 360,000 spear phishing email attacks examined over a three-month period, the most common types were brand impersonation (83%) and business email compromise (11%). Such breaches can be leveraged to steal payment and personal information.

Here are some best practices for protecting your business:

1) Take advantage of AI

2) Don’t rely solely on traditional security

3) Deploy account-takeover protection

4) Use multi-factor authentication

5) Conduct proactive investigations

6) Train staffers to recognize and report cyber-attacks

7) Conduct proactive investigations

8) Maximize data-loss prevention

Call 716-373-4467 x 15 to review with a Databranch Security Expert!

https://www.techrepublic.com/article/how-to-prevent-spear-phishing-attacks-8-tips-for-your-business/

With the breach of Reddit being disclosed this week, it’s key to remember the importance of robust cybersecurity, given that the hacker of the site was able to bypass 2FA. The actor was able to do this by using a method called ‘SMS intercept’ which is when the hacker is able to receive the text that contains the code for authentication. One way this is done is by SIM-swap, which is when the attacker convinces the phone provider that he is the target and applies their service to a new SIM card. Another method of attack is when bad actor impersonates the target and tricks the phone provider into transferring the target’s number to a new provider where the attacker is then able to access any 2FA codes coming into the phone.

A more secure alternative to SMS 2FA is app-based authentication through organizations such as Duo, which is not subject to the same vectors of attack. Stay vigilant out there, because SMS-intercept attacks are going to become more and more prevalent as they have been shown to be successful, and publicly too considering Reddit is one of the most popular sites on the internet.

 

Databranch has recently started offering a new Cyber Security offering. We will monitor your credentials in real-time on the Dark Web and notify you immediately when these critical assets are compromised, before they can be used for identity theft, data breaches, or other crime. Please call 716-373-4467 x 15, email info@databranch.com, or click here to get started!

 

2FA AI APC backup Breaches business continuity Business Email Compromise BYOD client of the month cloud computing computer services computer support computer upgrade Computer Upgrades Control Chief covid-19 CryptoLocker CryptoWall Cyber Attacks cyber criminal cyberattack cybercrime cybersecurity Cybersecurity Training Dark Web Monitoring Dark web scan Data Breach Data Breaches data protection Data-Loss Prevention Databranch Databranch Comprehensive Care databranch cto databranch employees Device Security Discounts DNS Filtering doug wilson dura-bilt email migration email security End of Support Exchange Online Facebook field technician Hackers Hardware Refresh heat-induced server crash holiday computer tips holiday internet tips How Long Do I have to Upgrade my Windows 7 Computers? i.t. service provider ID Agent Information Technology Internet Security IT Compliance IT Outsourcing IT Security IT Services J.P. Morgan Juice Jacking local admin privileges malware managed service managed service provider managed services MFA Microsoft Microsoft End of Support Microsoft Office Microsoft Patching Microsoft Support Microsoft Telephone Scam mike wilson mobile device security Mobile Devices Multi-Factor Authentication Network Infrastructure Office 2013 Office 365 old UPS password management Password Manager Password Protection password security Passwords PC Performance Penn-Troy Manufacturing Personal Data phishing Phishing Attacks Power Failure productivity Professional Tune-Up proper server environment Ransomware remote access repeatbusinesssystems SBS2011 Scammers Scams security Security Key security vulnerabilty Server 2008 Server 2008R2 Server Upgrade server virtualization Small Business Small Business Server 2011 smb Smishing SMS SMS intercept Social Media Social Media Security Solid-State Drive stolen credentials Symantec Symantec Backup Exec technology best practices temperature Tips Two-Factor Authentication Upgrading to Windows 10 UPS virus VPN Vulnerabilities Vulnerability Assessment Warning Signs Western New York Windows 10 Windows 7 Windows Server 2003 Windows Server 2012 winrar Work Computers