Connect with us

Hi, what are you looking for?

HEADLINES

Secure your SMBs: Tips on how to fend off dangerous phishing emails

Based on the latest statistics from Kaspersky, the global cybersecurity company’s Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees in the first three months of 2020.

The COVID-19 pandemic is not totally over, but shelter-in-place orders gradually are. Starting this month, many countries in Southeast Asia are gradually lifting their different forms of lockdown. Some companies are ready to use their well-designed business continuity plans, but those are going to be a very small percentage in the SMB industry. Returning to work post-physical restrictions, SMBs are facing a wide range of challenges including cybersecurity threats.

Based on the latest statistics from Kaspersky, the global cybersecurity company’s Anti-Phishing System prevented 834,993 phishing attempts against companies with 50-250 employees in the first three months of 2020. It is a 56% increase compared with the same period last year with just over 500k fraudulent attempts blocked. In terms of per country statistics, all of the six countries in SEA registered an increased number of fraudulent emails blocked by Kaspersky in Q1 2020 as compared with the same period last year. 

“It is undeniable and totally understandable that economic recovery and employee health are particularly important for businesses post-lockdown. However, it is essential to not overlook cybersecurity as SMBs gear up to return to business as usual. In the 21st century, phishing attacks are by far one of the most popular forms of cybercrime, which increases in quality and quantity every day. Its danger can range from a simple virus which can be scanned quickly to a multi-million-dollar heist, such as the case of the Central Bank of Bangladesh back in 2016, which was made possible by a targeted phishing email,” says Yeo Siang Tiong, General Manager for Southeast Asia at Kaspersky.

“There are some common signs among phishing emails that users should be particularly aware of, such as suspicious attachments or links, poor grammar, spelling errors, unprofessional graphics, unnecessary urgency about verifying your email address or other personal information being asked immediately. Cybercriminals are piggybacking on anything related to COVID-19, too! So to protect organizations from phishing attacks, SMBs should look into securing their email systems and their endpoints as well as empowering their employees about the basic but highly important online habits,” adds Yeo.

To further fend off the risk of phishing attacks, Kaspersky experts suggest the following for SMBs:

Advertisement. Scroll to continue reading.

Teach your employees about the basics of cybersecurity

For example, not opening or storing files from unknown emails or websites as they could be harmful to the whole company, or to not use any personal details in their passwords. In order to ensure passwords are strong, staff should not use their name, birthday, street address and other personal information. 

Regularly remind staff of how to deal with sensitive data, for example, to only store it in trusted cloud services that need to be authenticated for access and that it should not be shared with untrusted third parties.

Since the human factor plays an important role in this type of threat, Kaspersky has also launched a 20-30 minutes free online course, which tackles how companies can secure their current remote working environment. It is accessible through this link. 

Employ a password-change policy to your employees

Advertisement. Scroll to continue reading.

Passwords protect all computers and other devices. Your IT security policy should cover strong password use; also set up a password-expiration policy to force users to change their passwords every 90 days. Avoid logging in to online banks and similar services via public Wi-Fi networks. Hotspots are convenient, but it’s better to use a mobile connection or wait to get to a secure network than to lose all of the money on your credit card or in your bank account. Open networks can be created by criminals who, among other things, spoof website addresses over the connection and thereby redirect you to a fake page.

Patches, updates, and legitimate software

Cybercriminals also tend to exploit vulnerabilities in software to compromise systems. For this reason, it is essential to set aside a time to run patches and updates that are regularly issued by software companies. SMBs should also use only legitimate software to avoid falling prey to attackers targeting the security loopholes of pirated tools.

Install comprehensive security software across all your devices 

You need security on everything – servers, PCs, and other connected devices. Set it up to stay up to date and renew it on time. As emails are key communication platform for SMBs, Kaspersky also offers in SEA six months free licenses for Kaspersky Security for Microsoft Office 365. This tool is an advanced, all-in-one threat protection for Microsoft Office 365’s communication and collaboration services. It curbs the spread of malicious threats including ransomware, viruses, Trojans, phishing, among others. Interested companies can find out more about this promo via this link. 

Advertisement. Scroll to continue reading.

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

In rigorous evaluations conducted by prestigious cybersecurity testing organizations, Kaspersky Plus (starting in Q4 2024, Kaspersky Premium), Kaspersky Endpoint Security for Business (KESB), and...

HEADLINES

"Given the Philippines' high exposure to cyber threats, it's important for both individuals and businesses to stay vigilant," said Adrian Hia, Managing Director for...

White Papers

When compared to 2023, Sophos saw a 51% increase in abusing “Living off the Land” binaries or LOLbins; since 2021, it’s increased by 83%.

HEADLINES

Someone illegally acquires or uses personal information such as bank account or credit card numbers of another person to obtain money, goods or services....

HEADLINES

To stay ahead of these challenges, organizations need to invest in AI-driven defenses, transition to quantum-safe encryption, and adopt a Zero Trust approach to...

HEADLINES

There was a 121% Year-on-Year (YoY) increase in identity fraud in 2024 across the region, with significant surges recorded in Singapore (207%), Thailand (206%)...

HEADLINES

As part of RCBC’s 2024 Cybersecurity literacy program, the webinar aims to help Filipinos level up their online banking safety by providing them with...

White Papers

The survey found that CXO’s feel less prepared than their global peers. Less than half or 48% in APAC said they felt completely prepared...

Advertisement