Introduction: Targeting Small Business
No matter what size your business, you can’t ignore cybercrime. You can’t ignore hackers and the increasingly sophisticated malware they are continually unleashing on the internet. You can’t be complacent and think you’re not a target. Everyone is a target.
Too many small businesses still believe that their data has no value. That they are too small for cybercriminals to bother targeting them. The harsh reality is that your data is valuable. Cybercriminals who successfully steal personally identifiable information, medical records and trade secrets sell them for a tidy profit every day.
Recognize & Fend Off Web-based Threats
Phishing poses a serious cyber risk to SMB organizations, but it’s far from the only one. Cybercriminals still use plenty of other methods to break into networks and steal data. The hacker bag of tricks contains plenty of web-based threats such as website hijacks, drive-by downloads, and plug-in exploits.
Hackers use web-based attacks to download malicious code onto networks to alter files, disrupt network operations and steal information. Common web-based attacks you need to know about include:
Clickjacking – Hijacking a legitimate website link and redirecting users to an infected website, where users either share confidential information unknowingly or trigger an intrusive action such as turning over a computer’s camera or microphone to hackers.
Drive-By Downloads – Secretly downloading malware onto a system when the user visits a website. Typically, the malware hides in the background until it’s ready to do its nefarious work, which could be stealing information or turning the machine into a bot controlled remotely by hackers.
Watering Hole Attacks – Compromising a group of users through infected websites that targeted group members are known to visit. Once a user visits one of the websites, malware is downloaded or sensitive information is stolen to gain network access.
Plug-In Vulnerabilities – Exploiting vulnerabilities in commonly used tools such as Java and file formats such as PDF, CSV, and HTML to deliver malware.
Social Engineering Data Theft – Using data shared willingly by users on social media to break into networks and to craft phishing emails that trick recipients into opening infected attachments or visiting compromised URLs.
Malvertising – Hackers can infect online advertising campaigns like banners that run through ad networks and are encountered on popular, trusted sites to infect unsuspecting users.
This is just a short except out the following e-book by Vipre, Small Business Under Attack, ITLogix bundles Vipre Endpoint Security with all of our LogixGuard Managed Service plans, just one of the layers in our Security Stack. Contact Us today to learn more about LogixGuard and Vipre.