Technology protection has improved over the years and hackers have shifted their focus from technical vulnerabilities to individual vulnerabilities.  Tricking one person into giving up computer access is the easiest path to sensitive information, and hackers have developed some clever strategies for doing so through email.
​Below are some of the top email threats, and how you can protect against them.

1. Beware of intriguing/funny emails:  That funny joke or animated dancing elf picture your friend just sent you isn’t so funny when it ruins your PC and steals sensitive information.  Hackers often publish these pictures/jokes and hide their viruses/malware in the attachment.  When someone emails the files, they are unknowingly distributing the Hacker’s malware. Be smart. If your friend sends an email that looks spammy, it’s best to be on the safe side. Don’t open it, and delete it  immediately.  
2. Look out for emails from an unknown source/random emails:  If you don’t know the sender or you are not expecting an email from the sender, call by phone to verify before opening the email.
3. Guard against email “spoofing”:  Hackers can make their email address look like it came from the CEO of your company, another VIP, or an important entity asking you to do something unusual or suspicious (such as transferring money or providing your sensitive, personal information). If you’re surprised to be receiving an email from someone, there’s chance it’s a fake account. Don’t be fooled. Contact the sender to verify before opening the message or proceeding with the request.
4. Disregard emails with threats:  Don’t be fooled by emails containing threats or that attempt to scare you into taking action — even if the email contains the logo of a prominent entity and appears to look official on the surface.  Hackers often use the logo of the FBI, IRS, your financial institution, or other organizations along with a spoofed (see #3 above) email address to trick people. These emails often contain language such as “Failure to follow the instructions in this email within 24 hours will result in serious consequences for you….”.  Don’t fall for this. Credible organizations don’t send these types of emails.  Don’t open the email or click on any links in the email.  Instead, directly contact the organization via phone or the organization’s official website.   
5. Don't click email links:  Don’t click on any links in an email.   Links can deceptively re-direct you to the Hacker’s website that is used to attack your computer.  Instead, open a new browser window and go directly to the proper company website.      
6. Don't open email attachments:  Don’t open any email attachment from someone outside your company, unless are specifically expecting it and the source is trusted.   If in doubt, contact the sender by phone before opening.   
7. Don’t use email for sensitive information:  Never provide your password, social security number or any sensitive information via email.  

​Before you download that app to your smartphone, consider these questions:

Why do companies spend a lot of money and resources developing smartphone apps, and then give them away to everyone for free?   How can social media and app companies, like Facebook, LinkedIn, Instagram, and Twitter, give you their app for free and let you use their services for free, but yet they are worth billions of dollars? ​
​Because YOU and your sensitive information that they are collecting in the background are their real product and source of revenue.  

Have your read that app company’s entire Privacy Policy and understand what personal, sensitive information they are collecting about you, and selling to others?  How do these company’s get away with taking my sensitive, private information and selling it? 

​Because you agreed to their Privacy Policy when you installed their app on your phone.   The reality is that most people don’t read the fine details hidden in the app’s Privacy Policy.  The company states in their app’s Privacy Policy that they have the right to do so, and you consent (often unknowingly) to allowing it by installing their app. 
​   

​Have you ever looked at what are the top consumers of your smartphone’s battery?... most likely it’s Facebook and other “free” apps.  Why does an app (like Facebook) consume so much of your battery?
It is consuming your battery by continuously searching your smartphone for new information and uploading your information to that company’s servers.   Once they make a copy of your contacts, messages, emails, photos, and other sensitive information, they sell it to others for lots of money. 
​

If you want to better protect your privacy and greatly improve your smartphone’s battery, don’t install those free apps. But, if you still want to access those sites, here is a much better way:   

​Access their website or service through your smartphone’s browser instead.  
​Yes, it’s that easy… instead of downloading the Facebook app (or other apps), just go directly to their website and logon through your phone’s browser.   The app contains their most invasive tools that secretly scan and collect your information.  By using your browser instead of their app, you have removed the app’s collection tools and greatly reduced the information they can collect.  

You can even add a shortcut icon on your phone’s HOME screen for easy access: 
​Most smartphone browsers, including Safari (iPhone) and Chrome (Android), have an option to “Add to Home Screen” in their menu.   Just select that option, and it will add that website to your home screen.  It's just as quick and convenient,  and the icon looks just like the app’s icon. 

​Instead of opening the app, it accesses the information through your phone browser,   It’s just as convenient and a similar viewing experience, while saving your privacy and phone battery by using this browser approach instead of the app.   Most people see a significant (10% or more) savings in their phone battery level each day, by making this simple change.    
​With this insight and these few adjustments to the way you access information, you can help keep your personal information private, and greatly improve the battery life of your phone.  

We see the headlines too often — another company's information systems have been breached and sensitive data has been stolen.  Sony, Anthem, Home Depot, Yahoo, Target, and  others are recent examples that come to mind.  If these massive companies with their full scale technology teams can be exploited, it can make a business owner wonder: “How secure is my businesses?”

Cybersecurity: A Growing Challenge
Industry experts are predicting that the challenge of cybersecurity is likely to get worse, and that the damages will become even more devastating.  When this happens, the company image and credibility is damaged, loss of customers, huge financial impact, and typically the CEO and CIO are fired.  In the case of a small business, most can’t endure the damage and are ruined.  

So, why does this serious problem continue? How can it be avoided?  

Most companies are not taking the right approach to cybersecurity.

Addressing Your Company's Cybersecurity
To address your cybersecurity the right way, you need to properly assess your vulnerabilities and capabilities.  Here are 10 common cybersecurity issues businesses face:

1. Inadequate Assessments: Too many businesses conduct assessments that are not comprehensive, and don’t address the most pressing threats.
2. Inadequate employee training:   Your employees are the front line of your cybersecurity and are often the most vulnerable point.  Cybersecurity experts agree that the best cybersecurity investment you can make is better employee cybersecurity training.
3. Putting too much faith in Paper Accreditation: Paper Accreditation doesn't equal real-world security:   Most of them grossly miss the mark and give a false sense of security.
4. Misinformed decision-makers:   To find the issues, decision-makers need guidance from an unbiased, credible, cybersecurity expert.
5. Forgetting hackers don't play fair:   Today, hackers are constantly coming up with new techniques to trick employees into unknowingly provide the hacker access.
6. Hackers have a major advantage:  Hackers only have to find ONE vulnerability in order to gain access to your systems and data.  You have to protect the entire environment against all potential vulnerabilities.
7. Hiring a cybersecurity company without research:  It’s important for companies to do heavy research and hire the right cybersecurity expert with hands-on, real-world experience that's prepared them to know the right questions and the right follow-up questions to ask specifically for your company.
8. Being held up by cost concerns:  A comprehensive cybersecurity assessment can be very affordable, if you select the right firm.  When you consider the staggering cost of being hacked, the cost of a cybersecurity assessment is a very wise investment.
9. Thinking cybersecurity is only an IT problem: Cybersecurity is a company-wide responsibility.  The Board of Directors, the CEO, and everyone in the organization must be properly educated, prepared, responsible, and focused on cybersecurity.
10. Not putting in the time: Take time to craft the right, comprehensive plan, and sustain your cybersecurity focus:  Your organization is counting on it!

Cybersecurity is vital for your future, and doing it the right way makes all the difference.   ​

Technology protection has improved over the years and hackers have shifted their focus from technical vulnerabilities to individual vulnerabilities.  Tricking one person into giving up computer access is the easiest path to sensitive information, and hackers have developed some clever strategies for doing so through email.
​Below are some of the top email threats, and how you can protect against them.

1. Beware of intriguing/funny emails:  That funny joke or animated dancing elf picture your friend just sent you isn’t so funny when it ruins your PC and steals sensitive information.  Hackers often publish these pictures/jokes and hide their viruses/malware in the attachment.  When someone emails the files, they are unknowingly distributing the Hacker’s malware. Be smart. If your friend sends an email that looks spammy, it’s best to be on the safe side. Don’t open it, and delete it  immediately.  
2. Look out for emails from an unknown source/random emails:  If you don’t know the sender or you are not expecting an email from the sender, call by phone to verify before opening the email.
3. Guard against email “spoofing”:  Hackers can make their email address look like it came from the CEO of your company, another VIP, or an important entity asking you to do something unusual or suspicious (such as transferring money or providing your sensitive, personal information). If you’re surprised to be receiving an email from someone, there’s chance it’s a fake account. Don’t be fooled. Contact the sender to verify before opening the message or proceeding with the request.
4. Disregard emails with threats:  Don’t be fooled by emails containing threats or that attempt to scare you into taking action — even if the email contains the logo of a prominent entity and appears to look official on the surface.  Hackers often use the logo of the FBI, IRS, your financial institution, or other organizations along with a spoofed (see #3 above) email address to trick people. These emails often contain language such as “Failure to follow the instructions in this email within 24 hours will result in serious consequences for you….”.  Don’t fall for this. Credible organizations don’t send these types of emails.  Don’t open the email or click on any links in the email.  Instead, directly contact the organization via phone or the organization’s official website.   
5. Don't click email links:  Don’t click on any links in an email.   Links can deceptively re-direct you to the Hacker’s website that is used to attack your computer.  Instead, open a new browser window and go directly to the proper company website.      
6. Don't open email attachments:  Don’t open any email attachment from someone outside your company, unless are specifically expecting it and the source is trusted.   If in doubt, contact the sender by phone before opening.   
7. Don’t use email for sensitive information:  Never provide your password, social security number or any sensitive information via email.  

​Cybersecurity threats have evolved over the years. And for business owners to be prepared, it’s important that your protection and knowledge evolve accordingly. In the past, the right technology safeguards, such as firewalls and anti-virus/malware protection were adequate.
But now, hackers have responded by shifting their target from technical vulnerabilities to PEOPLE vulnerabilities. It’s much easier for a hacker to trick you into unknowingly giving up access to your computer and sensitive information.   Hackers often utilize our everyday habits and familiar tools for their exploits.  Below are 5 of these hidden threats, and how you can protect against them.

1. Portable drives
People often use USB portable drives for storing and transferring files.   Hackers know that they are a commonly used technology, so they’ll often load their viruses/malware on a USB portable drive and drop it near the entrance of a building.  They’ll even add a label titled “Confidential”, “Company Salary Information”, or other intriguing labels to entice you into picking it up and plugging it into your computer.  As soon as you plug it in your computer, the malware is immediately transferred to your computer and spreads to other computers on your network.  So, make sure you never plug in drives from unknown sources.  

2. Beware of “FREE”
Free apps and free social media services are frequently used to collect and sell your sensitive personal data. Your contacts, pictures, messages, and other very sensitive information are gathered by the app, and — unknown to you — are often uploaded to the provider to be sold to others. Your privacy and personal information is valuable. So, be careful with “free” apps and always look over the privacy policies for the social media websites you use.

3. Don’t use public or free WiFi  
While the free WiFi at the coffee shop, airport, or other public location may be convenient, it is also dangerous and best avoided if possible. Hackers can use free WiFi to gain access to your PC and steal information. Instead, try using the tethering option on your cell phone to setup your own private, secure internet connection (be sure to check your cellular data plan usage), or wait until you are back to your office or home to use a private, secured connection. 
   
4. Secure your paper documents
Don’t leave confidential/sensitive documents lying around on your desk unattended. Hackers can walk around an office environment looking for unattended documents they can use to gain access.  Before you leave your office, put away and protect those sensitive documents. Implement a “Clean Desk Policy” at your company.

5. Report suspicious activity 
If you see an unknown person walking around the office, or your computer system has changed in some way with no notice from your IT team, communicate it to management. Communication is vital to address these issues as you can work with your team to minimize the threat.