5 Seemingly Innocent Download Habits Your Employees Must STOP Now To Avoid A Ransomware Attack
Once upon a time, you could install antivirus software and go about your merry way online and in your inbox, opening, clicking and downloading files without a care.
Today, antivirus alone cannot and will not protect you, especially if you INVITE the hack by downloading a file that is infected with a piece of code designed to circumvent your security protocols. Whether it’s a personal computer, phone or a laptop you use for business, here are 5 things you need to STOP doing now to ensure you don’t get hacked.
STOP downloading apps from unknown sources. There are thousands of free apps available online that are very tempting to download. Hackers are masters at curiosity and “clickbait” designed to nail you in a moment of weakness. To prevent rogue apps and programs from installing, configure your devices to disallow the installation of programs from unauthorized sources. On your phone, ONLY download apps from your device’s respective app store that are tested and forced to meet the store’s security and privacy requirements. Business owners: while I’m sure all of your employees are trusting souls, it IS possible (and recommended) to have business machines locked down, preventing your employees from downloading any applications (or files) that could harm you and compromise your security.
STOP surfing the web unprotected, particularly when accessing downloads. This is particularly true if you are on public WiFi. Starbucks is not going to guarantee your Internet connection is safe, nor is any other business, restaurant or location offering free Internet access. Talk to your IT company (that’s US!) about installing more than just antivirus, but endpoint protection solutions, like a VPN, that will “hide” you from cybercriminals and filter out nefarious websites and attacks so you CAN use public WiFi without the fear of inviting a hack.
STOP opening and downloading files e-mailed to you without extreme caution. Phishing attacks via e-mail are still the #1 way hackers gain access to a network. It’s very common for an attacker to hack into someone’s e-mail and get their list of friends, colleagues, coworkers and their boss to send e-mails that appear legitimate on “their” behalf, even using their actual e-mail – these are are highly sophisticated phishing attacks. So, before you open or download ANY file e-mailed to you, make sure it was one you were expecting. It’s far safer to use IT-managed file sharing like OnDrive, SharePoint or Citrix ShareFile to send attachements. But bottom line, if ANY file “feels” wrong or suspicious about a file download, including a weird extension or suspicious file name, CALL the person who sent it to verify. If it’s important, they can send it again.
STOP downloading “bloatware.” It’s common for legitimate, reputable apps to sneak in other applications or toolbars you don’t need. They sell this as a sponsorship to make more money every time one of their users downloads an app. The best way to spot these is to look for checkboxes when installing that automatically opt you into services by default. So, before you hit “Next” and keep rolling to get your app installed, take a second to really read and review what you’re agreeing to when installing that new app.
STOP downloading music, software, games, movies and the like from websites like BitTorrent, RARBG, 1337x and similar peer-to-peer file-sharing sites. It’s very common for file-sharing networks to be breeding grounds for hackers who post files infected with malicious software for people to download. Some of the ads on these sites are malicious as well. Don’t feel “safe” just because you have antivirus – because you’re not.
Business owners: after showing this to your team for both their work and personal devices, click here to schedule a quick 10-minute call to find out how we can implement security systems that will give you stronger protections against hackers and against employees who accidentally click on or download a malicious file.
Published with permission from TechAdvisory.org. Source.