We all like to think we know better than to click on links that take us to compromised websites. Nowadays, however, it’s not so easy to discern legitimate websites from malicious ones. And if you’re not careful, you could walk right into a costly cybersecurity breach.
This is why it’s worth finding out what your employees’ online habits are like. Chances are they’re putting your systems at risk by browsing these malicious websites at work. Most of the time this is done inadvertently -- but even one slip-up by a staff member can see your precious business data stolen or network compromised, or give rise to other sinister problems that can harm your company.
So how do you protect yourself? Let’s take a look at the types of websites you and your staff need to be wary of and how to avoid them.
Websites that masquerade as the ones you trust
Email is the #1 attack vector cybercriminals use to lure you into a malicious website. Some examples of these include notices from banks, online retailers such as Amazon or eBay, and even social media sites like Facebook. There will be a link in the email taking you to a legitimate-looking website, where you will be asked to key in your confidential information like social security number, credit card details, or any other personal data.
The problem is that these emails and sites are fake, and set up with the sole purpose of stealing your information. Because people tend to trust the sender, they lose focus of important details such as the spelling, the email service used, or the link itself.
Having advanced email and spam protection is easily the best way to nip this problem in the bud. Good protective systems can prevent these emails from reaching your inbox. It is also good practice to drill into your staff that they need to be extra cautious when opening links and attachments in emails, especially from unknown senders.
Fake online shopping websites
As businesses search for ways to save money and maximize returns, it’s only natural to turn to the internet as a place to buy goods and services. Oftentimes, you can find these at a much lower price than at stores, which is always good for your bottom line. But if you aren’t careful, that great deal can turn into your worst nightmare.
Fake online retailers selling the latest products at significantly reduced prices are looking to prey on unsuspecting victims. Not only will they take your money, chances are they will also take your credit card information. Remember, if a deal looks too good to be true, it probably is.
The biggest tip-off that a retail website is a scam is the domain name. Most fraudulent shopping websites have long and hyphenated domain names and misleading subdomains. Also, make sure to check the browser window before you enter any of your personal details. Consider it a red flag if there is no padlock icon before the usual “https://” in the web address bar, because this means your data is not secure and can fall into the wrong hands.
For years, hackers have been using “malvertising” tactics to secretly spread malware through online advertising networks that display ads on reputable websites. These ads are designed to automatically redirect users to a malicious third-party website. And it doesn’t just stop at the infected computer -- it will spread to other devices on your network as well.
Up-to-date operating systems and browsers are the strongest form of defense against malvertising. You can also install ad blockers to get rid of intrusive banners and pop-ups that could pose risks.
It’s counterproductive to impose some draconian internet policy that alienates your staff, even if they do have unsafe online habits. Arguably the better approach is to bring on a managed services provider to constantly monitor your systems and fix potential problems before they spread and become bigger issues.
Don’t get tricked by shady websites or other dangers waiting to take your company down. USWired is here to protect your business from all forms of cyberattacks. Contact us today. We’re more than happy to give you the benefit of our security expertise.