Call (716) 373-4467

Phishing continues to be a top exploit for small business breaches, and companies should take notice. Of the 360,000 spear phishing email attacks examined over a three-month period, the most common types were brand impersonation (83%) and business email compromise (11%). Such breaches can be leveraged to steal payment and personal information.

Here are some best practices for protecting your business:

1) Take advantage of AI

2) Don’t rely solely on traditional security

3) Deploy account-takeover protection

4) Use multi-factor authentication

5) Conduct proactive investigations

6) Train staffers to recognize and report cyber-attacks

7) Conduct proactive investigations

8) Maximize data-loss prevention

Call 716-373-4467 x 15 to review with a Databranch Security Expert!

https://www.techrepublic.com/article/how-to-prevent-spear-phishing-attacks-8-tips-for-your-business/

With the breach of Reddit being disclosed this week, it’s key to remember the importance of robust cybersecurity, given that the hacker of the site was able to bypass 2FA. The actor was able to do this by using a method called ‘SMS intercept’ which is when the hacker is able to receive the text that contains the code for authentication. One way this is done is by SIM-swap, which is when the attacker convinces the phone provider that he is the target and applies their service to a new SIM card. Another method of attack is when bad actor impersonates the target and tricks the phone provider into transferring the target’s number to a new provider where the attacker is then able to access any 2FA codes coming into the phone.

A more secure alternative to SMS 2FA is app-based authentication through organizations such as Duo, which is not subject to the same vectors of attack. Stay vigilant out there, because SMS-intercept attacks are going to become more and more prevalent as they have been shown to be successful, and publicly too considering Reddit is one of the most popular sites on the internet.

 

Databranch has recently started offering a new Cyber Security offering. We will monitor your credentials in real-time on the Dark Web and notify you immediately when these critical assets are compromised, before they can be used for identity theft, data breaches, or other crime. Please call 716-373-4467 x 15, email info@databranch.com, or click here to get started!

 

2FA AI APC backup business continuity BYOD client of the month cloud computing computer services computer support computer upgrade Computer Upgrades Control Chief CryptoLocker CryptoWall Cyber Attacks cyber criminal cyberattack cybercrime cybersecurity Cybersecurity Training Dark Web Monitoring Dark web scan data protection Data-Loss Prevention Databranch Databranch Comprehensive Care databranch cto databranch employees Discounts dura-bilt email migration email security End of Support Exchange Online Facebook Hardware Refresh heat-induced server crash holiday computer tips holiday internet tips How Long Do I have to Upgrade my Windows 7 Computers? ID Agent Information Technology Internet Security IT Outsourcing IT Services J.P. Morgan malware managed service managed services Microsoft Microsoft End of Support Microsoft Patching Microsoft Support Microsoft Telephone Scam mike wilson mobile device security Multi-Factor Authentication Network Infrastructure Office 2013 Office 365 old UPS password management password security Penn-Troy Manufacturing Phishing Attacks Power Failure proper server environment Ransomware SBS2011 security security vulnerabilty Server 2008 Server 2008R2 Server Upgrade server virtualization Small Business Small Business Server 2011 smb SMS intercept Social Media stolen credentials Symantec Symantec Backup Exec temperature Tips Two-Factor Authentication Upgrading to Windows 10 UPS virus Western New York Windows 10 Windows 7 Windows Server 2003 Windows Server 2012 winrar