ITCS Blog

Gone Phishing!

ITCS Cyber Security expert, Wayne Harris, discusses the growth in ‘Phishing’ attacks – and how ITCS are protecting their customers

Information is now the lifeblood of most businesses, and the more we do on-line, the higher the risks of cyber-crime and greater the rewards for the attackers.

Let’s face it, we all receive a mass of emails every day, and as good as the email spam filters are getting, inevitably rouge mails will get through.  Your next line of defence are your users, and this raises the importance of adequate cyber security awareness training, and the investment in your staff.  I meet with companies on a regular basis, who are looking to invest in their information security, but often they haven’t covered the basics when it comes to their staff training.

So, what is ‘phishing?   A phishing email (or sometimes SMS or instant message) is an electronic message sent to a user (or group of users) purporting to be from a trustworthy organisation or government department.  These messages invite you to open a link (such as viewing an online invoice), or an attachment that will lead the user to a malicious website or install malicious software on your devices (such as ransomware).  These malicious websites are designed to draw you in, and may look genuine to a casual user.  This year we have seen attacks masquerading as energy providers, parcel delivery notifications, and popular on-line auction and e-commerce sites.  They all have something in common – they all invite the user to click the links!

Great care should be taken with these types of attacks, as they are either designed to infect computer systems, steal personal details, user credentials (and often users will use the same password on multiple accounts), or to coerce the user into paying fake invoices and initiate banks transfers.  Our advice to users is to never click links on emails unless you are absolutely certain that it is genuine – if you are in any doubt, check or better still, go directly to the genuine website.  We also advise that any bank details provided via email should be double checked directly with the provider before making payment – use the existing information you have for them, don’t reply to the email, and speak to a known contact.

At ITCS, we have gone to great lengths to protect your systems, where possible through the implementation of software restrictions, and enhanced spam filtering, and offer next generation security solutions to further enhance the security of your network.  In the event of a successful attack, our Backup and DR solutions will ensure that your data is protected and your business can recover quickly.

Over the last year, we have run cyber security briefing sessions for our business customers, and have offered over 100 free places to our business support customers.  In addition, we have written and delivered bespoke user training to various customers throughout the UK at their own sites to further protect their business information and financial assets.

For further information, or to book your free cyber security briefing session, please call 08456 444 200, email support@itcs.co.uk or visit our website for more information.

WebGone Phishing!