The other day, my mom received an email with the subject line “Fill Out This Form to Save These Dying Kittens.” Being a dedicated lover of all things feline, and ignoring all of my previous verbal cybersecurity tips, she decided to open said email and download the attached file. Bad idea, mom. Bad idea.
Mom’s seemingly innocent actions lead to exposing her computer to ransomware. After ponying up $746, she finally called her loving son. I then had the pleasure of explaining ransomware and how even though kittens are important, it’s probably a better idea to donate to known, verifiable charities next time than to dangerous cybercriminals.
After that, I worked up 2 simple but major tips for my mom to stay safe online. I’ve printed them out for her and she’s taped them to her desk for easy use. She’s such a cool lady that she thought we should share them with you and your office employees.
Tip #1: Don’t open attachments from strange email addresses. Especially if they involve dying kittens.
Possible threats avoided: malware, ransomware
Somehow, our sweet old mothers had the foresight to teach us about stranger danger when we were wee tykes. Unfortunately, some of our moms haven’t caught on that stranger danger runs rampant on the interweb. Neither have some of your employees.
When you inform your team about the dangers associated with opening up attachments from emails they don’t recognize, they’re going to ask why. If it helps, tell them what I told my mom:
Your internet is your house and your email is your front door. When you see that subject line and the email address for the person who has sent you the email, think of that like the peephole on your front door.
In real life, if you look through the peephole and see that it’s your best friend with a bottle of wine, for goodness sake let her in. It’s cold outside. Also, you know that what she’s carrying is safe.
Now, if you hear a knock and don’t recognize the people at the door – and if they are also carrying a mysterious bag around that looks like it could be filled with bodies/weapons/poison – then don’t answer. Stranger Danger!
The same concept goes for your internet and everything connected to it. All sorts of malware and ransomware and Always check to make sure you know who’s emailing you and also that the attachment is legitimate and necessary. Play it safe and remember how dangerous curiosity was for that feline…
Also, just like my mom, your employees will probably get tons of forwarded emails. They start out “FWD”. Always check attachments on these. They could very well be sketchy. The senders may have passed them along without personally opening them.
Tip #2: Don’t enter personal information into strange websites. Especially if they ask for your credit card.
Possible threats avoided: malware, phishing
Your mom deserves a lifetime of wonderful gifts. And cybercriminals are more than willing to supply their version of the perfect present. What do cyber attackers get for the mom who opens up email attachments? Probably a link to a phishing website. Coincidentally, they really like giving your employees the exact same thing. #regifting
Phishing websites are the con-artist, one-trick-pony of cyberattacks. Here’s how I explained them to Mom:
You type in your bank’s URL to do some online banking. But you accidentally misspell the URL and suddenly end up at a clone site set up by cyber attackers. This website looks a lot like the bank website, but it’s slightly off. Usually, you can tell by eyeballing it that it’s just not professionally designed or written. But to be sure, searching for the URL will confirm whether you typed it in correctly.
The fraudulent version of the website will immediately ask not only for your login information but also even personal and bank card information. (Which your real bank will rarely do once you login.) With this extra info, cyberthieves can go into your real account and empty it dry.
Avoid phishing by carefully checking URLs and by NEVER entering additional personal information on suspicious websites.
A Word to Your Employees
Well, hello there. This article was a fun way to make cybersecurity simpler, but the threats are all too serious. Here at TFE, we really want you to stay safe when you are online. If you ever have any questions about safe internet practices or suspicious email activity, we’re happy to chat. You can reach call us or shoot us a message anytime you feel like it.