Contact us today!
845-876-6561

Professional Computer Associates Blog

Professional Computer Associates has been serving the Red Hook area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Would Your Users be Tricked by Social Engineering?

Would Your Users be Tricked by Social Engineering?

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action - like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing - a fraudulent voice call that seeks personal information - have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing - it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases - including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times - and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at Professional Computer Associates.

These Smartphones Make an Excellent Gift (Even To ...
Cloud-Based Backup and Recovery Works
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 21 January 2018

Captcha Image

QR-Code

Tag Cloud

Security Tip of the Week Best Practices Cloud Privacy Hackers Technology Backup Business Computing Network Security Malware Managed IT Services Hosted Solutions Disaster Recovery Google Microsoft VoIP Business Continuity Business Software Mobile Devices Outsourced IT Productivity Email Windows 10 Data Internet Smartphones Efficiency IT Support communications Computer Hardware Innovation Cybercrime Office Android Ransomware IT Services Browser Alert Data Backup Server Telephone Systems Windows Small Business Saving Money Computers Business Management User Tips Mobile Device Management Chrome Quick Tips Upgrade Social Engineering Mobility Work/Life Balance How To Avoiding Downtime Data Recovery Microsoft Office Save Money Virtualization Law Enforcement Collaboration Holiday Network Smartphone Recovery Social Media BDR Miscellaneous Workplace Tips Passwords BYOD App Firewall Hacking Managed IT Cybersecurity Cloud Computing Office Tips Facebook Proactive IT Money Operating System Productivity HaaS Office 365 Health Information Technology Private Cloud Budget Password Two-factor Authentication Bring Your Own Device Bandwidth Flexibility Communication Managed Service Provider Wi-Fi Router Phishing Compliance SaaS Spam Gmail Data Breach Automation Remote Monitoring User Error Marketing Safety Managed IT Services Redundancy Artificial Intelligence Gadgets Value Windows 10 Data Management Black Market Risk Management Internet of Things Google Drive Employer-Employee Relationship Unsupported Software Cleaning Downtime Apps History Meetings Battery Wireless Apple Best Practice Data Security Shadow IT Mobile Device Data storage Government Spam Blocking End of Support Internet Exlporer Content Filtering Applications Settings Charger The Internet of Things Vulnerability Solid State Drive Hiring/Firing Entertainment Data Storage Public Cloud Computer Care Remote Computing Workers Wireless Technology Business Intelligence Wearable Technology Samsung Identity Theft Patch Management Business Owner Keyboard Credit Cards Scam Computing Infrastructure IT Management VPN Physical Security Mobile Computing Save Time Word OneNote DDoS Automobile Worker Assessment USB Password Manager Leadership Data Protection Amazon Web Services Servers Smart Technology Netflix Distributed Denial of Service WiFi Travel Going Green Rootkit Root Cause Analysis Television Software Tips Tech Support Troubleshooting Legal Comparison Robot Online Shopping Relocation Flash Content Laptop Training Public Computer Hosted Solution webinar Specifications Evernote Sync Two Factor Authentication Mouse IaaS Education Audiobook Wireless Charging eWaste Software as a Service Touchpad Vendor Management Data loss HBO Conferencing Millennials Outlook Telephony YouTube Windows 10s Politics Fiber-Optic Environment Hard Drives Internet exploMicrosoft Update Screen Mirroring Lithium-ion battery Humor Networking Frequently Asked Questions Big Data IT Support Running Cable Video Games Workforce iPhone Skype Electronic Medical Records Streaming Media Users Cables Advertising Google Docs Unified Threat Management Cast Telecommuting Monitor IBM Excel Sports Books Scalability SharePoint Start Menu NarrowBand Audit Virtual Reality Encryption HIPAA Unified Communications Website Remote Work Reputation Supercomputer Tip of the week Emergency Instant Messaging Files Mobile Employer Employee Relationship Computer Fan Worker Commute Notifications Theft Knowledge People Hybrid Cloud Voice over Internet Protocol Customer Current Events Windows Server 2008 Search Fax Server Colocation Professional Services Chromecast Computer Accessories FENG Data Warehousing Cortana Network Congestion Mobile Office PDF Multi-Factor Security Windows 7 Emails How to IT solutions Tools Bluetooth Document Management Loyalty Uninterrupted Power Supply Experience Google Apps Techology Trending Fraud Regulations Transportation hacker IT Plan Music Infrastructure IT Consultant Antivirus Lifestyle Amazon Benefits Botnet Business Mangement Thank You Recycling Congratulations Webinar IT solutions Administration CrashOverride

Free Consultation

Free ConsultationSign up today for a
FREE Network Consultation
How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!