Hackers and cyber attackers will stop at nothing to obtain your passwords, credit card information, social security numbers and more. But you're not powerless to stop them.
Posted in Practice Resources on Thursday, May 6, 2021
Cyber attackers make a lot of money doing the unethical, harmful and downright annoying things; hackers use automation to send out literally trillions of emails each day. They only need a small percent of recipients to engage with those emails to be successful. And unfortunately, they’re only getting better at their craft. Some of the emails they send look so legitimate at first glance, you might not notice you’re caught in their trap until it’s too late.
Here are four things you can do to protect yourself and your information.
Use the tools that come with your email service.
Gmail and Microsoft and most other providers include a built-in filter that checks for spam phishing and viruses. These will knock out 90% of the automatically generated emails.
Educate yourself and your employees.
Learn what to look for in an email and how to identify it as malicious. Hackers have gotten smarter. Now they find information freely available on your company website to create more targeted email attacks, and they send emails that look like they’re from your boss or banker or a trusted vendor. How do you know if they’re legit or not? Here are a few tips:
- Hover your mouse over the sender’s email address. Many times it won’t match the implied sender at all – it will be a Gmail address or a slight misspelling of the legitimate domain name.
- Look for spelling errors in the email.
- Beware of emails that use urgent-sounding language or demand that you take immediate action, especially if the request is unexpected.
- Unsure? Call the company or person who supposedly sent the email to confirm.
Passwords are the next key, literally.
The number one rule – and it’s not about a sticky note under your keyboard – is don’t use the same password for everything. When a website you use gets hacked, the bad guys have your password for that site. They will now try to use that email and password combination on other sites.
The idea of having a different password for each website can be daunting. In the last few years Chrome and Microsoft Edge have made it simple; you can choose to have your web browser create and save your passwords. You’ve probably noticed this when you sign up on a new site. As long as you’re signed in to your browser, you don’t have to remember individual passwords, even if you’re on different computers or devices.
Two-factor authentication is a hero.
Chrome, Facebook, and other sites now suggest multi-factor authentication to protect you. When you login to a site from a new device, you’ll be prompted to take another step. With Chrome, you simply log into Gmail and confirm you’re accessing the system. With Facebook, you’re provided a verification code that you enter. Many other sites are using this technology now.
If you have access to an IT consultant, it could be worth having them spend an afternoon with you, checking out your systems and making recommendations. At the very least, follow the steps above to keep your practice and your patients safe. Following a few simple steps to prepare yourself and your team against cyberattacks is much easier than dealing with the aftermath of falling prey to the bad guys.