Cybersecurity Awareness Month: Tips for Staying Protected

October is Cybersecurity Awareness Month. We want to take this opportunity to raise awareness and pass along a few tips to help keep your data and software systems protected.

At ECI, we are dedicated to helping you thrive in an increasingly risky cybersecurity world. We have a team of dedicated security and cloud experts along with a variety of security measures designed to keep your data safe in our cloud-based solutions. But security is a shared responsibility, so we wanted to pass along a few best practices to help protect yourself against the two most common attacks – phishing and social engineering.

Both attacks rely on the victim performing an action at the request of a bad actor.? Often the bad actor will call, email, or text the victim asking them to click on a link and enter their credentials, grant remote computer access to perform some troubleshooting, or run a credit card to “test” the POS system.

Tips to protect against phishing:

• Use strong, unique passwords for each account, and never reuse passwords across multiple systems
• Treat an email you aren’t expecting as suspicious and expand an email sender’s name to spot spoofed email addresses
• Be particularly wary of the five signs of a phishing email – unfamiliar greetings, poor grammar, mismatched email domain, unusual requests, and an unusual sense of urgency
• Before clicking on a link, hover over it to see the URL and type it directly into your browser instead of clicking
• Never open attachments from unverified senders?

Tips to protect against social engineering:

• Treat any unexpected email, phone call, or text message as suspicious
• Be especially wary of pressure to handle a request urgently
• Always verify the legitimacy of a request by calling the person or company back on a number you’ve looked up yourself
• Never give out sensitive information like credit card numbers, Social Security numbers, or billing information to an inbound request
• Never give remote access to a computer system from an inbound call or text.? Always call the company back via the official phone number you’ve looked up yourself.

If you follow these simple guidelines, you can significantly reduce your risk of falling for a phishing or social engineering attack.?

?

For more cybersecurity resources, check out some of our recent blog articles:

• Phishing Vigilance: What Your Employees Must Know to Identify and Stop Attacks
• 5 Reasons Your Business Is Safer In The Cloud
• Is Your Company Prepared for Data Recovery After a Natural Disaster?

??

This article was written by Brian Winters, Chief Technology Officer for ECI Software Solutions