Cyber Security Warning - Fraudulent Emails

By Samantha Cordell | December 10, 2020

We wish to advise that there has been a surge in fraudulent emails targeting SME organisations over the last month. Without the correct protective measures in place, organisations can easily find themselves falling prey to convincing fraudulent emails, resulting in payment diversion to cybercriminals, and breaches of client information and networks.

These types of malicious emails can be incredibly difficult to detect, as they imitate trusted individuals and organisations through convincing and well-disguised email addresses, using very plausible reasons to request changes in billing information or account details, or to prompt you to click on harmful links or attachments.

Diamond IT strongly advises the following to protect your organisation against fraudulent emails:

 

Enable Multi-factor Authentication (MFA) immediately

Multi-factor Authentication means that intruders no longer just need a username and password to access your resources; there is always at least one more method of authentication required.

This ensures that the user logging in is who they state they are, and protects your credentials if they are compromised.

MFA is one of the most effective defences that can be easily implemented to protect your network and business data. When implemented correctly, MFA creates a difficult barrier that cybercriminals must get past in order to steal credentials and perform malicious activities.

If you have been recommended to enable MFA for your organisation and are yet to move on the decision, enable it now.

 

Patch Regularly

Patch management (or 'patching') is the process of distributing updates to software, which correct vulnerabilities and improve user experience, performance and security. Patches are written by software vendors to repair bugs and improve stability. Without these updates, your systems can quickly become vulnerable to security threats.

Automating your patch management will not only reduce the number of hours involved in manual updates, but also ensure that all software, regardless of whether it is located in your office or remotely, remains updated and secure.

One of the benefits of being a Diamond IT Managed Services customer is that we proactively monitor the health and security of your network, and apply the latest updates on a weekly basis. These updates are applied to each machine regardless of its location, to ensure the ongoing security of your system.

 

Train your staff

With cybercriminals increasingly targeting your people rather than your systems to gain access to your networks, ensuring your employees have the tools and knowledge they need in order to identify and respond to potential cyber attacks is paramount.

Cybersecurity awareness training for all levels of users in your organisation raises people’s vigilance about what to look for to spot a cybersecurity threat, and gives them the skills to safely take the appropriate action if they do receive a malicious attempt.

Cybersecurity Awareness Training for all levels of employees is every bit as important as the other means of protection, including software, hardware and physical security practices.

 

Implement ‘always on’ threat detection

Modern cyber threats are now capable of breaking through traditional Anti-Virus. We strongly recommend implementing a Managed Endpoint Detection and Response (EDR) solution. EDR uses Artificial Intelligence to identify and monitor all unusual behaviours, rather than only detecting and actioning known threats. This means it is the most robust defence against both current and emerging threats.

This ‘always on’ approach to threat detection and response protects your organisation from both “Zero-Day” attacks and malicious activities.

 

Review your internal processes

Internal processes and their associated policies are an important part of your cybersecurity defences. They not only explain each employee's level of responsibility for the task at hand, but also set a standard of behaviour across your organisation.

An example of how internal processes support your cyber security strategy can be found in how your finance team may pay an invoice. If an invoice is received from someone known to your business, requesting to update account details or billing information, your internal process would step out that payment would not be made until this request was verified by someone from your finance team calling the organisation the invoice came from, to confirm verbally that this request is true and correct.

A simple review of your internal processes to ensure they are focused on security could save your business (and others) a major headache, financial cost and a potential data breach.

 

Consider Cyber Insurance

Dr. Alana Maurushat, Professor of Cybersecurity and Behaviour at Western Sydney University, says "while traditional insurance policies cover tangible assets such as computers and related hardware, cyber insurance aims to cover intangible losses associated with a breach, such as network interruption, reputation loss, notification and monitoring costs."

A cyber attack of any level could have an enormous impact on not only your brand reputation, but your finances. The IBM Security Cost of a Data Breach report found that the average cost of a data breach for individual companies in Australia is over $2 million.

Diamond IT recommends that all organisations, regardless of size, look at engaging a trusted provider for advice on what level of cyber insurance is best for their business.

 

How can Diamond help?

We can help you ensure your technology, policy and cybersecurity staff education programs align with best practice. Our Business Technology Managers (BTMs) are specialists in improving your internal cybersecurity.

If you need advice on how you can ensure your cybersecurity strategy is fit for purpose, our team of cybersecurity experts is ready to help. Contact our team on 1300 307 907 today.


About Samantha Cordell

It is not surprising that our Head of Marketing, Samantha (Sam) has spent most of her (nearly) 30-year career in the IT industry. Sam studied a combination of computer science and marketing at the University of New England. Her dynamic, energetic and pragmatic style lends itself perfectly to tech. With a background working with major players such as Microsoft, Intel and Cisco Systems, Sam is energised by driving meaningful marketing outcomes for industry leaders.