Any cyberattack is dangerous, but the particularly devastating ones are those on supply chain companies. These can be any supplier – digital or non-digital – of goods and services.We’ve seen several attacks on the supply chain occur in 2021 that had wide-reaching consequences. These are “one-to-many” attacks where victims can go far beyond the company that was initially breached.Some recent high-profile examples of supply chain attacks include:Colonial Pipeline: A ransomware attack caused this major gas pipeline to be shut down for nearly a week.JBS: The world’s largest supplier of beef and pork products was hit with ransomware that caused plants in at least three countries to shut down for several days.Kaseya: This software company had its code infected with ransomware, which quickly spread to IT businesses that used its products and to roughly 1,500 of their small business customers. Why do you need to be worried about supply chain attacks even more so than in the past? Because they’ve been growing and are expected to continue…

Stolen login credentials are a hot commodity on the Dark Web. There’s a price for every type of account from online banking to social media. For example, hacked social media accounts will go for between $30 to $80 each.The rise in reliance on cloud services has caused a big increase in breached cloud accounts. Compromised login credentials are now the #1 cause of data breaches globally, according to IBM Security’s latest Cost of a Data Breach Report.Having either a personal or business cloud account compromised can be very costly. It can lead to a ransomware infection, compliance breach, identity theft, and more.To make matters more challenging, users are still adopting bad password habits that make it all too easy for criminals. For example:34% of people admit to sharing passwords with colleagues44% of people reuse passwords across work and personal accounts49% of people store passwords in unprotected plain text documentsCloud accounts are more at risk of a breach than ever, but there are several things you…

Phishing is the number one method of attack delivery for everything from ransomware to credential theft. We are very aware of it coming by email, but other types of phishing have been growing rapidly.In recent years, phishing over social media has skyrocketed by 500%. There has also been a 100% increase in fraudulent social media accounts.Phishing over social media often tricks the victims because people tend to let their guard down when on social platforms like Facebook, Instagram, Twitter, and LinkedIn. They’re socializing and not looking for phishing scams.However, phishing scammers are out there looking for you and will reach out via friend requests and direct messages. Learn several ways you can secure your social media use to avoid these types of covert attacks.Make Your Profile Private on Social PlatformsPhishing scammers love public profiles on social media because not only can they gather intel on you to strike up a conversation, but they can also clone your profile and put up a fake page for…

Whether you work remotely or in an office, the line between personal and work tasks can become blurred when working on your company computer. If you’re in front of a computer for most of your time during work, then it’s not unusual to get attached to your desktop PC.Over time, this can lead to doing personal things on a work computer. At first, it might just be checking personal email while on a lunch break. But as the line continues to get crossed, it can end up with someone using their work computer just as much for personal reasons as work tasks.In a survey of over 900 employees, it was found that only 30% said they never used their work PC for personal activities. The other 70% admitted to using their work computer for various personal reasons.Some of the non-work-related things that people do on a work computer include:Reading and sending personal emailScanning news headlinesShopping onlineOnline bankingChecking social mediaStreaming musicStreaming videos/moviesIt’s a bad idea to…

In 2020, 75% of companies around the world experienced a phishing attack. Phishing remains one of the biggest dangers to your business's health and wellbeing because it’s the main delivery method for all types of cyberattacks.One phishing email can be responsible for a company succumbing to ransomware and having to face costly downtime. It can also lead a user to unknowingly hand over the credentials to a company email account that the hacker then uses to send targeted attacks to customers.Phishing takes advantage of human error, and some phishing emails use sophisticated tactics to fool the recipient into divulging information or infecting a network with malware.Mobile phishing threats skyrocketed by 161% in 2021.Your best safeguards against the continuous onslaught of phishing include:Email filteringDNS filteringNext-gen antivirus/anti-malwareOngoing employee cybersecurity awareness trainingTo properly train your employees and ensure your IT security is being upgraded to meet the newest threats you need to know what new phishing dangers are headed your way.Here are some of the latest phishing trends…

It’s not unusual to change a mobile number from time to time. For example, when you move, you may want a number that is local to the area you just moved to. Companies also may end up recycling mobile numbers throughout their staff as people come and go.If you don’t properly detach your mobile phone number from all the accounts it’s used with, you can leave yourself open to identity theft, credit card fraud, and other crimes.In a 2021 Princeton University study, it was found that 66% of mobile numbers listed as available by major mobile service providers were still connected to accounts on popular sites (Amazon, PayPal, etc.).  So, after the former owners had turned in the number, it was available for someone else to use when signing up for mobile service. And that number was still being used on the former owner’s cloud accounts, allowing those accounts to easily be breached.Princeton University study on the risk of recycling mobile numbers.Because our mobile numbers are…

The global damage of cybercrime has risen to an average of $11 million USD per minute, which is a cost of $190,000 each second.60% of small and mid-sized companies that have a data breach end up closing their doors within six months because they can’t afford the costs. The costs of falling victim to a cyberattack can include loss of business, downtime/productivity losses, reparation costs for customers that have had data stolen, and more.You may think that this means investing more in cybersecurity, and it is true that you need to have appropriate IT security safeguards in place (anti-malware, firewall, etc.). However, many of the most damaging breaches are due to common cybersecurity mistakes that companies and their employees make.The 2021 Sophos Threat Report, which looked at thousands of global data breaches, found that what it termed “everyday threats” were some of the most dangerous. The report stated, “A lack of attention to one or more aspects of basic security hygiene has been found to…

Hardly any phone call system in a business beats VoIP when it comes to efficiency and flexibility. However, it’s not immune to cyberattacks. Discover how you can secure your VoIP ASAP.What kind of communication system are you using for your business?I asked because many modern-day businesses have now switched to the Voice Over Internet Protocol (VoIP). This technology allows employees to perform voice calls using only their internet connection. It’s often a wise choice considering that using VoIP comes with several benefits to a business.Among its benefits include lower operating costs, greater convenience than traditional services, increased accessibility, higher scalability, and the ability to multitask. VoIP also comes with advanced features for teams of all sizes, is completely portable, and offers superior voice quality. However, VoIP systems also have limitations, with cyberattacks being their number one downside. The good news is that it’s possible to protect a business’s VoIP system from hackers. And if you already implemented this in your business, it’s not too late to secure it.Read…

Printing devices are often overlooked when it comes to security. But the reality is, cybercriminals can hack your printer to get confidential information. Your printer is probably the last piece of computer equipment you thought needed protection from cybercriminals. But the truth is very different. Attackers actively try to locate the weakest links in security to gain access to and exploit valuable data. And among the weakest links is the printer.The thing with printers nowadays is that they have access to your devices, network, and the internet. This new open-access functionality makes them an ideal target for cyberattacks. Unfortunately, many business owners overlook the importance of securing their printers and mainly focus on computers and mobile phones. Most people still perceive printers as internal devices that serve basic functions. For this very reason, they are an easy target for cybercriminals.Other than performing unauthorized print jobs, hackers can access confidential information as well as all connected computers and networks all through a printer. You may also not be aware of the…