
Cyber Security in the modern world

The recent cybersecurity incidents at large UK companies such as Marks and Spencer and Co-op show us all that it doesn’t matter who you are – you can still be affected by people targeting your infrastructure. Yes, the size of your company may make you a bigger target, but it also means that your ability to protect yourself against such attacks is likely to be greater because of your available resources.

Certainly in the case of Marks and Spencer, it appears that the weak point didn’t necessarily come from their cybersecurity protection – it actually came from something much closer to home – us! It appears that staff members or third-party IT providers at Marks and Spencer received fake helpdesk warnings to update their password, and once staff members had unwittingly supplied the hackers with their password, the hackers were able to infiltrate the systems and install ransomware on them.

This has reinforced my well-held view that the weak point of any IT system is in fact the humble human being.

So what can we do about it?

Well, as with most things, knowledge is key. My belief is that effective information sharing (as I am doing in writing this blog article) and training will dramatically reduce the effectiveness of hackers.

I’ve written about parts of this area before, but it’s never bad to reiterate some key takeaway points.

The best advice I can give is:

  • Ignore and delete emails where the “From” name and email address don’t marry up or where well-known domain names are spelt incorrectly. Even if the From name and email address do “marry up”, if something doesn’t quite add up, i.e. the language is odd or they are requesting something that you are not expecting, then ignore or delete the email.
  • Be suspicious of emails that have attachments from sources that you don’t recognise.
  • Be suspicious of emails that request you to make payments or to provide bank details.
  • Be suspicious of emails that you don’t automatically recognise and that request you to click on links to complete forms. Hover over the link and see where it is taking you – if the website address doesn’t look genuine or doesn’t marry up with the sender email then it’s likely to be an infected site.
  • Be suspicious of emails that have content using language that doesn’t seem “normal” or is poorly written. Use your own common sense and ask yourself whether the person in question would send the email in that format and using the language they do. If you know the person, check with them to see whether they sent that email.
  • Be suspicious of emails that have a sense of urgency about them.
  • Be very suspicious of all emails with “zip” files in them, even from people whom you recognise.
  • Be suspicious of emails asking you to change your passwords in a variety of systems. Generally speaking, modern IT systems won’t ask you to change the password for their systems.
  • Be suspicious of work emails that request you to start conversations over platforms such as WhatsApp. Often this will lead to fraudulent requests from scammers. Check with the person via other contact methods.
  • Be suspicious of WhatsApp requests that have a sense of urgency about them or request you to do something that sounds “odd” or out of character. Check with the person sending you the WhatsApp via other contact methods to see whether it is them.

With any of the above, if you are targeted with emails, WhatsApp messages or other contact methods which show behaviour like this, check with your IT support team or a knowledgeable friend or staff member first, and if in any doubt then ignore the request. A safety first approach is always the best approach!
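Several of the email checks in the list above can also be applied automatically by a mail filter or helpdesk script. The Python sketch below is an added example, not part of the original article; the known-domain list, urgency wording, 0.85 similarity cut-off and the sample message are all assumptions made up for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumed for this sketch: known domains, urgency wording, 0.85 similarity cut-off.
KNOWN_DOMAINS = {"example.com", "example-bank.co.uk"}
URGENT = re.compile(r"\b(urgent|immediately|right away|within 24 hours)\b", re.I)
HREF_HOST = re.compile(r'href="https?://([^/"\s:]+)', re.I)

def is_lookalike(domain):
    return any(d != domain and SequenceMatcher(None, d, domain).ratio() >= 0.85
               for d in KNOWN_DOMAINS)

def check_email(raw):
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    # From name shows an address on a different domain from the real sender
    if (m := re.search(r"@([\w.-]+)", name)) and m.group(1).lower() != sender:
        findings.append("from-name-mismatch")
    if is_lookalike(sender):
        findings.append(f"misspelt-domain:{sender}")
    for part in msg.walk():
        if (part.get_filename() or "").lower().endswith(".zip"):
            findings.append(f"zip-attachment:{part.get_filename()}")
        if part.get_content_maintype() == "text":
            body = part.get_payload(decode=True).decode(errors="replace")
            if URGENT.search(body):
                findings.append("urgency")
            for host in map(str.lower, HREF_HOST.findall(body)):
                # link goes somewhere other than the sender's domain or its subdomains
                if host != sender and not host.endswith("." + sender):
                    findings.append(f"link-host-differs:{host}")
    return findings

SAMPLE = '''\
From: "helpdesk@example.com" <helpdesk@examp1e.com>
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Urgent: update your password <a href="https://login.examp1e-reset.net/form">here</a>.</p>
--b1
Content-Type: application/zip; name="Instructions.ZIP"

--b1--
'''  # constructed sample, not a real email
```

Calling `check_email(SAMPLE)` returns one finding per matching checklist item. A result like this is a prompt to check with the sender or your IT support team, not a verdict on its own.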

Contact

If you’d like any advice around these areas then please contact me at [email protected] or call me on 01473 345321.