According to the F.B.I., 2017 was a “milestone” year for the FBI’s Internet Crime Complaint Center (IC3). On October 12, 2017, the IC3 received its four millionth consumer internet crime complaint. Unfortunately, Virginia ranked among the top 10 states in number of victims affected, with a total of 9,436 incidents reported.
Cybersecurity issues for individuals and businesses alike are only growing. With that growth, however, comes the evolution of ways to protect yourself and your business from the ever-expanding threat. In 2017, the most prevalent crimes reported were Non-Payment/Non-Delivery, Personal Data Breach, and Phishing.
We are bombarded with cybersecurity terms on a near-daily basis, but what do they truly mean? “Phishing” is a process where hackers send an email communication that appears to be from a legitimate source, asking the recipient to respond with confidential information, or take some other action (clicking a link, etc.) that ultimately defrauds the recipient. Clicking on these links may insert “ransomware” (a program that freezes access to information on the computer until a “ransom” is paid to a designated recipient) or “spyware” (a malicious program that lurks in the background, collecting and distributing your private data) onto your computer.
Awareness and prevention can lessen the chances that you become a statistic. If you know what you might be up against, you can better prepare to prevent an attack. For instance, coffee shops, restaurants, and other public places often offer free Wi-Fi access. However, these networks are considered “open,” meaning any information sent or received from a device logged into these networks can be seen by others who are also on the network. These open Wi-Fi networks, though convenient, should never be used to transmit sensitive and confidential information.
Also, know what to look for in a phishing e-mail—think before you click. If you see an e-mail that looks suspicious, check the sender’s information. For instance, if your company’s e-mail addresses look like john.doe@abccompany.com, and you receive an e-mail from JohnDoe@abccompany.com, though it might look similar, be wary of the subtle differences. Likewise, if you receive a link to a document or a website that seems legitimate, mouse over the link without clicking. You will be able to see the destination and if it does not match up with what the text of the link says, clicking could mean big trouble.
To protect themselves, some companies have turned to third party vendors to have them perform an assessment of how safe a network truly is and what can be done to improve security and prevent a potential successful attack. Cybersecurity insurance is also a helpful tool that provides insurance coverage and potential reimbursement for an organization’s direct losses and any liability to third-parties stemming from a data breach.
Ignorance and lack of sophistication regarding these issues are no longer viable defenses. Cyber attacks are inevitable, but with the proper awareness and prevention, you can ready yourself and your business to minimize the harmful consequences