How New Tricks (and YOU) are Enabling Them

Satirical Site “The Onion” Finds Hackers Are No Laughing Matter

Many accounts and companies are being compromised by persistent, but arguably identifiable, phishing attacks. The attacks can allow hackers to gain access to things like social media sites or worse, online back accounts.

Even popular online sites like The Onion are vulnerable. Two weeks ago, what began as a phishing email to a few employees, allowed hackers to access Google Apps credentials and ultimately, the website’s Twitter account. (To read more, visit Buzzblog, Nothing funny about how The Onion got hacked.)

We cannot stress enough the importance of arming your company against such attacks. Here are a few security tips we encourage you to share with your employees:

Tip #1: Do Not Click on Links from Suspicious Emails.
If you get an email from your bank, health insurance company, etc… DON’T click on any links in that email. Open a browser, type in the organization’s URL, login, and see if you have a secure email from customer service that mirrors the email. You likely will not.

An increasingly popular form of social hacking is getting an email from UPS or FedEx but you should be wary. If you get an email that looks like it’s from UPS.com or FedEx.com, go to their website and type in the tracking number to confirm you have a package. Note: the URL in the email might say “http://www.FedEx.com” but when you hover your mouse button over it, it should reveal the actual address, and it could be something like “http://about-to-get-scammed.com.”

If you haven’t ordered something from one of those delivery services, be EXTRA paranoid. Bottom line: many emails that appear to come from an organization you trust are, in fact, fake and contain links to malicious sites.

Tip #2: Change Your Passwords Regularly.
We’d suggest you change your passwords at least twice a year. Put a reminder on your calendar that repeats to ensure you don’t forget.

Tip #3: Setup Alerts.
Arrange for your email and social media sites to alert you when your password has been changed. Make sure those emails go to an alternate email address. Should a change occur, you will be notified how to lock the account if it has been compromised.

Tip #4: Never Repeat or Use Similar Passwords.
While many sites prohibit it, never use the same password twice OR a variation of previous passwords. For example, don’t make your gmail.com password the same as your Twitter and Facebook password. Once one password is compromised, a hacker can gain access to your other online service.

If you are have concerns or questions about protecting your network from hackers, don’t hesitate to contact us!