October is Cybersecurity Awareness Month, an international initiative that educates everyone about online safety and empowers individuals and businesses to protect their data from cybercrime. TriCorps is proud to be a champion and support this online safety and education initiative.
Even amidst large-scale data breaches and cyberattacks, Cybersecurity Awareness Month reminds everyone that there are simple, effective ways to keep yourself safe online, protect your personal data, and ultimately help secure our organization.
Here are some key areas to ensure you are protecting yourself and our organization against cyberattacks.
Your Email Inbox
Email is maybe our most critical business tool, but it is also the most vulnerable. It’s the top target for cybercriminals today, up 239% in the first half of 2024. Here are some ways to protect your email inbox:
- Never respond to suspicious emails
- Avoid clicking on links or downloading attachments in email
- When in doubt, verify the email via alternative means
- Never share sensitive personal or organizational information via email
- Ensure your email inbox has a unique, strong password
Downloading and File Sharing
Unapproved file sharing can have extreme consequences for our organization. File sharing should only be done through approved means including:
- Only use permitted file-sharing methods
- Never use USBs, unless authorized to do so
- Never upload files to external personal storage or personal cloud services
- Be extra-vigilant when downloading files from an email
Social Engineering Attacks
Quishing (QR-based phishing), vishing (voice-based phishing), and smishing (SMS-text-based phishing) are on the rise and are harder to spot because of new artificial intelligence technology. Here are ways to avoid falling for these common social engineering scams:
- Quishing: Only scan QR codes from trusted sources. Double check the URL before proceeding and especially before entering any personal or financial information
- Vishing: Never share personal information over the phone unless you initiated the call. Hang up and call the company directly using a known number
- Smishing: Avoid clicking on links or responding to suspicious texts. Verify the sender’s legitimacy through another channel
When in doubt, always verify the sender. If you receive an email asking you to share something sensitive, use a different method to verify the sender, such as a phone call or face-to-face interaction. If you get a phone call, and it seems suspicious, tell the caller you will call them back. Then hang up and dial their number.
Remember, phone numbers can be spoofed so that it seems that an attacker is calling from a legitimate number when they are not. If you hang up and call the person or organization back, using their legitimate number, you can be more sure you are talking to a legitimate person, instead of someone spoofing the number.
Artificial Intelligence Based Attacks
New artificial intelligence (AI) tools are making social engineering scams easy to create and harder to spot. These new types of tools include:
- AI-Based Spearphishing: Using text generating AI programs, criminals can effortlessly create refined spearphishing attacks tailored specifically for an intended target
- Voice-Cloning: A few seconds of someone’s voice can be replicated to precisely fake audio of their voice
- Deepfake Video: While technology is still advancing, creating a video of a completely fake person is becoming simpler and more sophisticated
These new AI-based attacks require us to be extra vigilant and not immediately trust the communications we have with people. If something seems suspicious, it is important to listen to your instincts. When in doubt, seek out someone you trust for advice, and always report anything suspicious you see to our IT team.
It is always important to remember to stay vigilant online, not just during cybersecurity month. TriCorps is dedicated to helping you protect yourself and our organization. By doing your part when it comes to cybersecurity, you will keep our organization and our team safer and stronger!