Posts

True story: At a company I once worked for, employees received an email about an unexpected bonus. In private Slack channels, we wondered whether it was a well-played phishing attempt. Turns out, the bonus was legit, but so was our inclination to question it. Phishing—when cybercriminals pose as legitimate institutions to get info or money from you—is the origin of up to 90 percent of breaches and hacking incidents, says Frank Cilluffo, director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security in Alabama.

These cyber bad guys have even taken it to the next level with “spear phishing,” a practice of sending emails that appear to be from someone you personally know. “This happened to me once and it was a humbling experience,” says Adam Doupé, director of the Center for Cybersecurity and Digital Forensics at Arizona State University in Tempe. Turns out, the email seemed to be coming from a colleague, and Doupé was boarding a plane when he got it so he wasn’t as careful as he would normally be. “I ended up replying with my cell phone number,” recalls Doupé. “When the phisher responded with a request to send gift cards, the alarm bells went off.”

Knowing that a cybersecurity expert got played, an average person has to be hypervigilant. But could you be missing out on legit offers and emails because you’re being too cautious? Your first line of defense: install a protection software (like Malwarebytes). This sort of protection that lives on your computer, coupled with our expert tips below, will stop phishers in their tracks.

3 Ways To Tell If It’s Phishing Or Not

Experts say there are a few things you can do if you’re unsure whether an email is a phishing attempt.

1. Check the email address carefully.

Hover your cursor over the full email—not just the sender’s name—to see if anything looks off. “For instance, instead of .com, the address may contain .ru,” says Cilluffo. (.Ru indicates that it’s from a Russian server.) Compare the address on a recent email to one that you’ve responded to previously.

2. Call or text the person you think may have sent the email.

Ever receive an email from a friend or colleague and it seems off? Maybe it’s much briefer than usual or perhaps they addressed you by your full name rather than a nickname. Trust your gut, and don’t respond or click on any links or attachments until you’ve verified the email. While it truly may just be a link to their kids’ fundraiser, it could be the work of a cyber criminal trying to get you to download malware—aka malicious software.

3. Verify through an independent news source.

Sometimes you may receive an email about an important recall notice or info about a class-action lawsuit. Search on a trustworthy news site whether the link contained in your email appears in any news articles, suggests Doupé.

Bottom line?

Cyber criminals are getting more and more creative at making their phishing attempts appear legitimate. Go with your gut, slow down to verify the validity of messages you receive and install a protection software (like Malwarebytes) to stop phishers before they start.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from yahoo.com SOURCE

Without technology, businesses cannot compete and succeed. But with the advancement in technology comes the ever-constant threat of hackers and cybercriminals. That’s why small- and mid-sized businesses (SMBs) need to protect themselves with robust cybersecurity solutions managed by reputable managed IT services providers (MSPs).

The numbers

Through the years, the number of SMBs falling victim to cyberattacks has drastically increased. Ransomware attacks, misconfigured systems, credential stuffing, and social engineering are among the many cyberthreats that SMBs face. Also, according to Verizon’s 2021 Data Breach Investigations Report, one in every five data breach victims was an SMB. What’s more, only 47% of SMBs are able to detect breaches within days.

The financial consequences have also considerably increased. IBM’s Cost of a Data Breach Report 2021 shows that “data breach costs rose from USD 3.86 million to USD 4.24 million.”

The numbers don’t lie, so it’s only about time SMBs take cybersecurity seriously. You can safeguard your business from cyberattacks and provide a more secure customer experience by working with a trusted MSP.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and defend against malicious threats. MSPs offer a full range of proactive IT support that focuses on advanced security, such as around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more. Here are some of the services an MSP can offer:

    • Around-the-clock monitoring – A cyberattack can happen at any moment. By having someone watching your networks and systems 24/7, MSPs ensure that any potential threats are identified and dealt with quickly.
    • Data encryption and backup – Data encryption transforms readable data into an unreadable format. This can be done through the use of a key, which is only accessible to authorized users. This way, even if the data is compromised, it can’t be read without the key. Meanwhile, data backup is the process of creating and preserving copies of data so that it can be restored in the event of data loss.
    • Real-time threat prevention and elimination – By using technology that can detect and stop threats as they happen, this security solution can minimize the impact of an attack and keep your business data safe.
    • Network and firewall protection – Networks and firewalls create a barrier between the business network and the internet, securing confidential data, such as customer information, employee records, and trade secrets. Networks can be configured to allow certain types of traffic through while blocking others, so that only authorized users can access specific resources.
    • Security awareness training – Now, more than ever, SMBs need to be aware of cybersecurity threats and how to protect themselves. MSPs can facilitate security awareness training that can help employees spot red flags and know what to do (and not do) to keep company data safe.

Managed IT services are designed to identify and fix weak spots in your IT infrastructure, enabling you to optimize the digital backbone of your business processes. With managed IT, you’ll also have faster network performance, a solid business continuity and disaster recovery strategy, and minimal downtime. You’ll also get a dedicated team of IT professionals ready to assist you with any technology-related problems. This is much more effective and budget-friendly than having in-house personnel juggling all of your business IT needs.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call — we’re sure to help.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from techadvisory.org SOURCE

Small businesses aren’t exempt from Russian cyberthreats, according to US officials. Here’s what to know.

In the wake of Russia’s invasion of Ukraine, cybersecurity concerns in the US are mounting for small businesses, home offices and larger enterprises, according to national security alerts issued by the FBI, DHS and CISA.

Even though government-sponsored attacks are gaining public attention, cyberattacks from independent actors or groups are always a concern for small to midsize businesses. Factors like budget and IT staff limitations can leave small businesses more vulnerable to cyberattacks. The Small Business Administration reported there were 32.5 million small businesses in the US as of 2021.

There’s no foolproof way to completely protect yourself from online attacks, but the first step is to understand what the threat is, where your business may be at risk and which proactive steps you can take. To that end, we’ve compiled a list of cybersecurity tips for small business owners.

Know the most common cyberattacks

Cyberattacks can take many forms and are constantly evolving, according to the US Small Business Administration, but the best defense is knowing the most common cyberattack forms like malware, viruses, ransomware and phishing.

Malware is an umbrella term for malicious software that aims to damage your computer, server, network or client.

Viruses and ransomware are also considered as types of malware. Viruses mean to infect your computer as well as other devices, leaving your system vulnerable. Ransomware, which has been on the rise in the US, works like a virus, but is usually delivered through a phishing email and essentially holds your system hostage until a sum is paid.

Phishing is a type of scam that tricks people into clicking links that appear legitimate, but are actually malicious. Clicking the link infects your device with malware. Once your system is infected, cybercriminals can attempt to steal sensitive information. Phishing falls in a wider category of social engineering, a tactic meant to deceive individuals into disclosing sensitive information or clicking a malicious link.

Train employees to be security-conscious

Cybersecurity is a team effort. Make sure your employees create strong passwords and reset them on a regular schedule. Employees should be aware of red flags that indicate phishing emails and malicious files, as well as have an action plan in the event that an attack happens. It’s also important to keep devices, software and browsers up to date. The FCC suggests establishing clear guidelines for internet use, how to best handle customer data, as well as penalties for violating those policies.

Secure your Wi-Fi networks

Your business’ Wi-Fi should be secure, encrypted and hidden, according to the FCC. Your business’ router needs to be password protected, and it shouldn’t broadcast the network name.

If your small business is operated out of your home, consider whether it’s time to upgrade your router to handle modern security threats. If you’re new to Wi-Fi networking, CNET has a handy FAQ that covers the basics.

Back up your files

Cyberattacks often mean to compromise, delete or steal your data. Backup programs can help mitigate this risk. It’s even better if the backup software you’re using lets you set up a schedule or automate backups, according to cybersecurity firm Kaspersky. Keep a copy of your backups offline in case of a cyberattack.

Use antivirus software

Finding the right antivirus software is an important weapon in your small business’ arsenal against cybercrime. Antivirus software doesn’t have to break your bank either — Microsoft Defender is free for Windows, for example. Check out CNET’s guide for the best antivirus software for more information.

For more information, check out big tech’s efforts to support Ukraine shift the industry’s role and how you can help Ukraine refugees and those affected by Russia’s invasion.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from cnet.com SOURCE

Hackers have found a clever way to get around anti-malware software — they’re using fileless malware, a type of malicious software that’s not as visible as traditional malware. This means it can infect your entire infrastructure without you even knowing. Let’s take a closer look at how fileless malware works and what you can do to defend against it.

What is fileless malware?

Fileless malware is malicious software that doesn’t rely on executable files to infect your infrastructure. Rather, it hides in your computer’s random access memory and uses trusted, legitimate processes, such as Microsoft Office macros, PowerShell, and Windows Management Instrumentation.

Fileless malware isn’t as visible as traditional malware. It uses a variety of techniques to stay persistent and can adversely affect the integrity of a business’s processes and the infrastructures that run them. Because there are no files to trace, fileless malware escapes detection by most anti-malware programs, especially those that use the databases of known threats. Most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a hard time determining where to look.

What potential damage can fileless malware do?

If it is not detected and removed, fileless malware can do a lot of damage to business systems, such as:

  • Steal or destroy data
  • Modify files without authorization
  • Act as a backdoor for other types of malware
  • Cause system crashes and instability
  • Disrupt normal operations by taking up CPU time or memory

Examples of high-profile fileless malware attacks include the Democratic National Committee hacking in 2016 and the Equifax data breach in 2017.

How big of a threat is fileless malware?

Cybersecurity provider WatchGuard Technologies’s Internet Security Report for Q4 2020 found that fileless malware attacks during the year jumped by 888% from 2019. Worse still, their Q2 2021 report revealed that just halfway through 2021, the number of fileless malware detections originating from scripting engines like PowerShell was already at 80% of 2020’s total script-initiated attack volume.

How can you defend against fileless malware?

Your business should practice defense in depth in which you implement multiple safeguards to reduce exposure and mitigate damage. Such safeguards include keeping your systems updated, limiting user access rights and privileges, cultivating a security-aware workforce, and utilizing advanced security solutions that analyze behavioral trends. Lastly, you should also partner with a managed IT services provider that offers 24/7 network monitoring, security audit, and penetration testing. Call us today to get started.

Are you interested in learning more about cybersecurity? Call us today and discover how our wide array of tech services can safeguard your business.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from smallbusinesstechnology.com SOURCE

Maintaining your WordPress website is not as hard as it seems — just follow this simple maintenance checklist we’ve prepared for you. We’ve outlined six essential tasks that you should perform regularly to keep your WordPress site running smoothly.

Create complete backups of your website

One of the most important things you can do to protect your website is to back it up periodically. This will allow you to restore your site if something goes wrong, such as a hacker attack or server crash. There are several ways to create backups, including using plugins or manually copying your files and database. But while plugins like BackUpWordPress and hosting servers like SiteGround automate the backup process, performing manual backups may still be necessary to cover all your bases.

Verify your backups

Just because you have backups doesn’t mean they’re doing their job. You should test your backups regularly to make sure they are working properly. This can be done by restoring a backup to a test site or simply downloading the files and checking them to make sure they are complete. The last thing you need is for your backups to fail on the day you need them most.

Perform daily security scans

One of the best ways to stay ahead of potential security threats is to monitor your website closely for any signs of compromise. A good way to do this is to perform daily security scans, which will help you track any changes or suspicious activity. There are a number of different tools and services that can help you with this, and one of the most popular ones is Sucuri. Not only does this plugin carry out inspections, but it also sends an SMS to notify you of any suspicious activity and emails you a daily status report of your website’s security.

Scan for malware

Cyberthreats are growing in both number and sophistication. With every passing day, new strains of malware are developed and released onto business networks and systems. Unless you are a bonafide hacker yourself, detecting malware might be a little tricky. WordPress plugins like Wordfence keep your website safe using the latest firewall rules and flagging the latest malware signatures and malicious IP addresses.

Conduct page speed audits

Slow and steady may be qualities valued by some, but not when it comes to your website. Plugins like Google Pagespeed Insights test how fast your site loads. If it takes more than five seconds, you should consider implementing caching and other measures to speed up your site. Slow sites put off visitors, and that further lowers those sites’ search rankings.

Review your site’s structure and content

Just as you should periodically review your website’s security, you should also take a look at its overall structure and content. Are the pages well organized and easy to navigate? Is the content relevant and up to date? If not, you may want to consider making some changes.

Forbes, National Geographic, and The New York Times are all powered by WordPress, which means you are in good company. By sticking to the checklist, you too can harness the power of this online, open-source website creation tool. Or, instead of signing up for half a dozen services that need daily check-ins, why not have us take care of all of it for you? If you have further questions, don’t hesitate to send us an email or give us a call!

Ask yourself what your website is doing for you and whether it’s aligned with your business needs and objectives. The GCInfotech professional web design team is here to help.

Published with permission from TechAdvisory.org. SOURCE

Malware creators will target anyone and everyone, including Mac users. So even though Apple computers are less vulnerable than Windows PCs, they are not completely impervious to cyberattacks. Read on to find out the different threats you should protect your Mac against, as well as signs that your computer has been compromised.

What are the threats that can affect your Mac?

There are several forms of malware that hit Apple products, and their effects can range from ones that are merely annoying to downright destructive.

  1. Adware – These are unwanted programs that bombard users with pop-up advertisements. Some malicious adware piggyback spyware like keyloggers and keyboard sniffers onto their deployment protocols, allowing them to record your typing habits and monitor your browsing behavior.
  2. Sniffers – These are usually designed to detect certain words on a web page and in a person’s typing pattern in order to trigger the keylogger. For instance, when you type your password, sniffers can activate the keylogger to copy the information you type and steal your login details.
  3. Trojan horses – These can infect both Macs and PCs, and they are often deployed through fake software installers or unsecured updates. They parade as legitimate software that actually contain a nasty surprise once installed. A notorious Trojan horse for Macs is the MacDownloader, which attempts to steal personal data stored in iCloud Keychain.
  4. Macro viruses – These attack computers by running a code that can take screenshots, format hard drives, corrupt files, deliver more malware, and access webcams and microphones. They are triggered when a user opens an infected macros-enabled file, hence the name.
  5. Ransomware – Macs managed to hold off ransomware for a while, but nowadays, even they can be vulnerable to it. KeRanger was one of the first big ransomware outbreaks in Macs. After remotely encrypting the computer and hibernating for three days, KeRanger would issue a .txt file containing instructions for decryption in return for one bitcoin.

Telltale signs your Mac is infected

Now that you know what kinds of malware your Mac could be affected with, here are some ways to tell if your computer is infected with one:

  1. Pop-up ads – If you’re seeing more pop-ups on your computer than usual, your computer is probably infected. An unusual amount of banner ads and pop-ups may mean that your computer is due for an update and/or a virus scan.
  2. Slowness – Mac users fear one thing above all: the spinning wheel of death. This little rainbow-colored spinning cursor wheel indicates that the computer is having trouble processing at usual speeds. This slowness can often be caused by overwhelming requests from simultaneous processes — likely of dubious origin — running in the background.
  3. Browser issues – Viruses sometimes do weird things to Safari or Google Chrome such as change its homepage or redirect a preset landing page to a site you’ve never seen before. If your browser starts behaving oddly, crashes regularly, or is often unresponsive, your Mac might have a virus.

Computer security is a matter of importance no matter what operating system you use. Reach out to our experts for an assessment of your network today.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Do IT security terms like “phishing” and “intrusion protection” sound extremely foreign to you? If so, it’s time you familiarize yourself with these and other common cybersecurity terms. By learning these basic concepts, you’ll be more aware of the depth and scope of online dangers and, hopefully, be better prepared to deal with them.

Malware

For a long time, the phrase “computer virus” was misused to refer to every type of attack that intended to harm or hurt computers and networks. The more appropriate term for these harmful programs and files would be “malicious software” or “malware.” Whereas a virus is a specific type of malware that is designed to replicate itself, any software created for the purpose of destroying or unfairly accessing networks and data should be referred to as malware.

Ransomware

Don’t let all other cyberthreats ending in -ware confuse you; they are all just subcategories of malware. Currently, one of the most popular of these is “ransomware,” which is malware that encrypts valuable data until a ransom is paid.

Intrusion prevention system (IPS)

There are several ways to safeguard your network from malware, but an IPS is quickly becoming one of the nonnegotiables. An IPS sits inside your company’s firewall and looks for suspicious and malicious activity that can be halted before it can exploit or take advantage of a known vulnerability.

Social engineering

Not all types of malware rely solely on fancy computer programming. Experts agree that the majority of attacks require some form of “social engineering” to succeed. Social engineering is the act of tricking people, rather than computers, into revealing sensitive or protected information. For cybercriminals, complicated software is totally unnecessary if they can just convince potential victims that they’re a security professional who needs the victims’ password to secure their account.

Phishing

Despite often relying on face-to-face interactions, social engineering does occasionally employ more technical methods. Phishing is the act of defrauding people using an app or a website that impersonates a trustworthy or often well-known business in an attempt to obtain confidential information. Just because you received an email that says it’s from the IRS doesn’t mean that it is. Don’t take such emails at face value — always verify the source, especially if the emails are requesting your sensitive data.

Antivirus

Antivirus software is often misunderstood as a way to comprehensively secure your computers and workstations. These applications are just one piece of the cybersecurity puzzle and can only scan the drives on which they are installed for signs of well-known malware variants.

Zero-day attacks

Malware is most dangerous when it has been released but not yet discovered by cybersecurity experts. When a vulnerability is found within a piece of software, vendors will release an update to fix the gap in security. However, if cyberattackers release a piece of malware that has never been seen before, and if that malware exploits one of these holes before the vulnerability is addressed, it is called a zero-day attack.

Patch

When software developers discover a security vulnerability in their programming, they usually release a small file to update and “patch” this gap. Patches are essential to keeping your network secure from the vultures lurking on the internet. By checking for and installing patches as often as possible, you keep your software protected from the latest malware.

Redundant data

When antivirus software, patches, and intrusion prevention fail to keep your information secure, there’s only one thing that will: quarantined off-site storage. Duplicating your data offline and storing it somewhere other than your business’s workspace ensures that if there is a malware infection, you’re equipped with backups.

Our cybersecurity professionals are always available to impart more in-depth knowledge of the many different kinds of cyberthreats. Get in touch with us today and find out how we can help you with your IT security woes.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from TechAdvisory.org SOURCE

Decryptors

There are several ransomware decryptors now, thanks to communities of white hat hackers concerned about increasing ransomware attacks worldwide. While some of these decryptors do come with a price, the rest are free or for a minimum donation.

The state of ransomware in 2021 so far

Businesses need to deal with ransomware both from outside and within. On one hand, there are more cybercriminals trying to infiltrate your network. On the other hand, careless and unknowing staff can easily let ransomware enter your network. For instance, employees may be tricked into providing their access credentials in phishing sites, or they may click links to websites that upload ransomware downloaders onto their machines.

The statistics are sobering. Ransomware cost businesses more than $75 billion per year. Over the past two years, ransomware attacks have increased by over 97%. And compared to the first two months of 2017, ransomware campaigns that were initiated from phishing emails increased by 109% in the same span of time this year.
According to studies, there will be a ransomware attack targeting a business every 11 seconds in 2021. That is up from every 14 seconds in 2019, and every 40 seconds in 2016. And the trend is that the rate will continue to increase over the years.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may result from self-propagating ransomware strains, while others may come from cyberattackers who are hoping targets become so scared that they pay up before doing any research on how dated the strain is and how to remove it.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with ransomware is no walk in the park. There are essentially three basic approaches to prevent ransomware:

  • First, train your employees about what they should and shouldn’t open when browsing the web and checking email.
  • Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.
  • Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above. In reality, most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. And even if you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting a never-ending stream of cyberattacks — hand it over to us and be done with it. Call us today to find out more.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Managed IT Services

Today’s companies need technology to function. Without it, businesses cannot compete and succeed. But with technology comes the ever-constant threat of hackers and cybercriminals. That’s why small- and mid-sized businesses need to protect themselves with robust cybersecurity solutions managed by IT professionals.

The numbers

According to the Ponemon Institute’s 2019 State of Cybersecurity in Small and Medium-Sized Businesses (SMBs) survey, cyberattacks have increased dramatically. Here in the United States, 76% of companies were attacked in 2019, a significant leap from 55% in 2016. Sixty-nine percent of US businesses reported data breaches in 2019, up from 50% in 2016.

The financial consequences have also increased considerably. The average cost spent by companies because of damage to or theft of IT assets and infrastructure increased from $1.03 million in 2017 to $1.2 million in 2019. Costs due to disruption to normal operations increased from an average of $1.21 million in 2017 to an average of $1.9 million in 2019.

The attacks

Globally, the most common forms of attack on SMBs are those that rely on deception: phishing (57%), stolen or compromised devices (33%), and credential theft (30%). Worse, cybercriminals are targeting SMBs more, with reported attacks having increased from 60% in 2017 to 69% in 2019.

Why managed services?

Partnering with MSPs is the most effective way to prevent attacks and protect your business from malicious threats. MSPs offer a full range of proactive IT support that focuses on advanced security, such as around-the-clock monitoring, data encryption and backup, real-time threat prevention and elimination, network and firewall protection, security awareness training, and more.

And because managed services are designed to identify and fix weak spots in your IT infrastructure, you’ll optimize the digital backbone of your business processes. You’ll have faster network performance, a solid business continuity and disaster recovery strategy, and minimal downtime. One of the best things about managed services is that you get a dedicated team of IT professionals ready to assist you for any technology problems you may encounter. This is much more effective and budget-friendly than having in-house personnel handling all your IT issues.

Being proactive when it comes to cybersecurity is the only way to protect what you’ve worked hard to build. If you’d like to know more about how managed services can benefit your business, just give us a call — we’re sure to help.

To learn more about how to safeguard your business, or if you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment.

Published with consideration from smallbiztechnology.com  SOURCE

365 Phishing Scams

Microsoft is a known provider of top-tier business productivity software — and its commitment to its subscribers’ cybersecurity is integral to that reputation. To fight phishing, one of today’s most prevalent cyberthreats, the tech titan has equipped Microsoft 365 with powerful features.

Among the many business solutions that Microsoft offers is email hosting through Outlook. This service is protected by Microsoft Defender for Office 365. Defender has many key features:

1. Anti-phishing

The most dangerous types of phishing scams masquerade as emails from a party the victims know, such as their boss, colleague, business partner, or bank. A phisher may use crafty impersonation tactics, such as referring to the victims by their nickname, making it harder to immediately identify the scam as fraud. A cybercriminal may even take over actual email accounts and use these to completely fool their victims.

Using machine learning, Defender creates a contact graph of contacts that users normally exchange communications with. It then employs an array of tools, including standard anti-malware solutions, to differentiate good from suspicious behaviors.

2. Anti-spam

Generalized phishing campaigns utilize spam emails, which are sent to a large list of email addresses, to catch random victims. Stopping spam is, therefore, a great start to protecting your company from a phishing attack.

Microsoft 365’s anti-spam technology addresses the issue by examining both an email’s source and its contents. If an email is determined to have come from an untrustworthy source or has suspicious contents, then it is automatically routed to your spam folder. What’s more, this feature checks the activity of people in your company to ensure that none of them sends out spam emails.

3. Anti-malware

Malware, such as ransomware and spyware, can spread via phishing emails. Ransomware locks data and programs from users until a ransom is paid. Spyware, on the other hand, steals data by recording keystrokes, copying clipboards, and taking screenshots, among other methods.

Microsoft 365 employs a multilayered defense against both known and unknown types of malware. This covers the different stages of email transmission, including filtering potentially harmful attachment formats, and real-time threat response. Microsoft also regularly deploys malware definitions to keep its defenses updated.

4. Safe Attachments

Some phishing emails contain file attachments that infect your computer with malware. Any email attachment should be handled with caution, but it’s not uncommon for some users to accidentally click on one, especially as they rush through the messages in their inbox.

Defender resolves this issue by opening all attachments in a sandbox first. This sandbox is an isolated environment, so even if the attachment contains malware, it would not affect your system. While in the sandbox, the attachment is meticulously scanned. If it’s clean, Microsoft 365 will allow you to open it as normal. If it contains a threat, the service will notify you of the issue. Microsoft uses some of the information collected by Safe Attachments to further improve the feature’s capabilities.

5. Safe Links

Instead of attachments, some phishing emails contain URLs that lead to websites — often spoofed versions of legitimate websites — that require victims to provide their personal information such as their account credentials. Some of these URLs lead to download pages that infect your computer with malware.

In a process called URL detonation, the Safe Links feature protects users by scanning the links in their emails and checking for malicious behavior, such as the transmission of malware. If the link leads to a malicious website, Defender will warn users not to visit it. Otherwise, users can proceed to click and go to the destination URL without a hitch. But even so, the service will rescan the link in the succeeding days and report any suspicious changes.

What’s great about Safe Links is that it doesn’t just scan links from unfamiliar sources. It also scans links in emails from people within your company and works on files uploaded to Microsoft Teams and SharePoint.

6. User Submissions

Microsoft 365 allows you to set a specific mailbox to send emails you deem a threat. The User Submissions feature lets you set criteria for both malicious and safe email and identify mailboxes besides your spam folder to keep these messages in. This feature gives your administrators greater control over which emails to flag and which to report to Microsoft.

7. Enhanced Filtering

If your company uses third-party services to route emails before they are sent to Microsoft 365, you will benefit from Enhanced Filtering for Connectors. Microsoft 365 uses inbound connectors to determine the trustworthiness of email sources. The more complex your routing scenario is, the more likely that an email’s inbound connectors will not reflect its real source.

Enhanced Filtering preserves authentication signals that may have been lost over the course of routing emails. This maximizes the effectiveness of Microsoft 365’s overall filtering capabilities, helping it detect spam and phishing emails.

If you need an email service that promotes efficiency while protecting your business, we can implement and manage Microsoft 365 for you. Just call us today to get started.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE