It only takes a couple of clicks to compromise your IT network and the human link remains the weakest one. Being able to identify a social engineering scam is important because malware can result in identity theft, a takeover of your business network and have real costly consequences, in the case of a successful ransomware attack.

Email phishing is a tactic employed by hackers whereby they send an unsolicited email pretending to be someone else and try to trick you to give up personal information or sensitive company data. If they access this information they can use it to[steal your identity, access your online accounts or install malware.

So, what do you need to be on the lookout for?

First, most emails will appear to be legitimate. They will use familiar company names and logos, like Facebook or UPS, Amazon, PayPal etc. Or, the email will appear to come from a colleague, like your accountant.

Second, always be wary of emails that contain links and attachments from unknown senders. If there’s a link, double-check it or, if it’s embedded, hover over it and check it to see if you can find any suspicious elements in it. Never click on a link or open an attachment from an unknown source.

Third, the email will almost always request sensitive information. Ask yourself, is this type of request normal? Generally, no one will ask for sensitive information via email. So, if you are tempted to reply, double-check with a fellow employee or call the vendor directly to verify the request.

What can you do to prevent a phishing scam?

First, be highly vigilant of any unsolicited email, especially emails that request personal information or sensitive company data.

Second, participate in ongoing security awareness training.

Third, ensure your IT provider has invested in centralized security tools, such as a firewall, spam filters, anti-virus and patch management and that these tools are up-to-date.

Remember, it only takes a few clicks for hackers to take advantage of the weakest link in your organization: computer users. We encourage all professionals to participate in annual security training. Threats are constantly evolving so staying current is important. Every organization needs a “human firewall.”

Concerned about your cybersecurity awareness? Join the BBB of Vancouver Island and Smart Dolphins for a complimentary lunch and learn.

Date: Friday March 23
Time: 12-1:00 pm
Location: Smart Dolphins Headquarters: #303-3995 Quadra St. Victoria (third floor Saanich Centre)

Please use the form below to register. RSVP required. Lunch included. Capacity limited to 12.