CHICAGO — No matter how big or small your company is, cybercriminals are continually looking for targets of opportunity. As computers have come to play a crucial part in not only our businesses but in our everyday lives, Chris Birk warns that not protecting yourself from online attacks can be catastrophic.
A computer expert with deep family ties to the drycleaning industry, Birk, along with his associate, Brandon Chance, recently presented “Practical Things You Should Be Aware of about Computers and Security,” as part of the February webinar series presented by the Drycleaning & Laundry Institute (DLI).
In Part 1, we examined some of the tools and attack strategies of the enemy. Here, we’ll take a look at some ways you and your staff can protect yourselves and your business from online criminals.
Look for Red Flags — When browsing the internet or even answering your phone, it’s more important than ever to keep your guard up, Birk says, because cybercriminals are getting more sophisticated in their attacks. Users should always be on the lookout for “red flags.”
“Maybe it’s an uneasy feeling about an email, text or phone call about an account you don’t actually have,” he says. With emails, look first at the subject line. “Is the subject expected or irrelevant?” If it’s a receipt for something you never purchased, for instance, that’s a red flag. If it’s marked as a reply (‘RE:xxx’) — like ‘RE: Our phone call’ or ‘RE: Answers to your questions’ — to a conversation you’ve never had, that’s a red flag.”
Some emails might look legitimate at first glance, but Birk urges people to look deeper. “A misspelled hyperlink, such as ‘www.paypall.com’ is a huge red flag.” Other “malformed” links are tip-offs that something’s not right, as well; a link like “americanexpress.johndoe.com” does not go to American Express.
Above all, never open files or attachments sent through an email you didn’t request. “If an attachment is not expected, that’s a red flag,” Birk says. “Attachments are one way that a lot of worms and viruses are spread. So, just don’t say, “Oh, gee, I just guess I’ll open this and see what it is.’ You don’t want to do that.”
Physical Attacks — Curiosity is a quality we all share, and one that cybercriminals depend on. Finding what appears to be a lost thumb drive can be an irresistible temptation for some.
Birk urges you to resist it.
“A person puts malware on a thumb drive and labels it “payroll records” or some other term, and then drops it back in the parking lot,” he says. “You see that thumb drive on the ground, and you think, ‘Gee, I wonder what information is on it?’ You put it in a computer and, bingo, your computer has now been infected. Be very cautious with thumb drives that you don’t know the origin up.
If you must see what’s on it — if you believe it might actually be information important to you — Birk suggests using an old PC or laptop not connected to your network. “Take a look at what’s there,” he says, “and if it looks really odd, toss it.”
HTTPS is Your Friend — Surfing on unsafe web pages is a recipe for picking up a virus or other piece of malware, or for having sensitive information captured. Fortunately, Birk says, there is a way to verify that a website is legitimate, and the answer is in the web address. Websites using transport layer security (TLS) will show “HTTPS” at the beginning of their address, rather than just an “HTTP” prefix. Some browsers will also display a padlock icon to indicate the site is using security. “If you are going to enter private information, such as a password or credit card number,” Birk says, “the browser should reflect that it is in ‘HTTPS’ mode.”
Antivirus — While modern operating systems have virus checkers and firewalls built in as standard, it still is a good idea to invest in specialized antivirus software to protect your critical systems. Birk suggests researching, using publications like PC Magazine, which reviews the pros and cons of different software packages. “There are five to 10 ‘top programs,’” he says. “See how they are rated and how they perform in various tests. You may need a combination of good internet security software, back-up software and more for good protection.”
One key element Birk points out is the “operating overhead” an antivirus program might require. “One downfall to these security programs is that some of them eat away at your PC, taking a lot of CPU power to run,” he says. “If you have less than a brand-spanking-new PC, it could cause your PC to crawl, so look at this factor, as well.
Click HERE to read Part 1 of this feature, and click HERE for the conclusion, where we’ll examine other steps you can take to protect yourself and business from hackers with bad intentions.