Welcome to an Impact series, Cybersecurity Tips, where we explore tips to protect businesses in the digital world. More than half of all small businesses that suffer a cyber-attack will be out of business within six months as a result.
The leading cause of data breaches is due mostly to employee error or lack of awareness. It’s important that employees understand how they can do their part to reduce risks in an organization. The Internal IT team at Impact oversees security efforts for 550 employees across 17 locations, and are experts in security awareness for employees. This month, we are reviewing what you need to know in order to spot suspicious links.
What are Suspicious Links?
In today’s digital age, the reference of suspicious links relates back to the dangers of a potential cyber-attack, specifically a phishing or spear phishing attack. According to CSO, the goal of a phishing attack is to use email to fool the recipient into clicking on a fake link.
Phishing attacks tend to be more general and target thousands of people, while spear phishing attacks are much more targeted to the individual user or business. The suspicious links in these emails are almost always disguised to trick the user, including mirroring popular retailers and/or search engines that people use every day. Although cybercriminals have become increasingly more sophisticated, there are ways to spot suspicious links and protect yourself.
Tips to Test & Avoid Clicking on Suspicious Links
Have you ever visited a website and right away something doesn’t seem right? What about an e-mail that has made its way to your inbox that has you asking, “What is this?” or “Is this meant for me?” One simple step that can be taken before you click on a link, is to hover over it first. When you roll the cursor over a link on a web page, it is often referred to as “hovering.”
Once you’re hovering over the link, the cursor will change from a pointer to a small hand, and will show the URL in the lower left corner of the focused window. From there, you should be able to see where that link is being directed to ensure you’re not going to a fake site. It is important to note that while “hovering” is still a good rule of thumb, attackers are finding ways to launch attacks on users by just hovering over a link.
Businesses should stay up to date on recent cyberattacks to ensure employees are aware of new tactics and threats.
In addition to hovering over a link, there are additional resources and tools that help to identify suspicious links without having to click on them. Lifewire recommends expanding any shortened URLs with CheckShortURL, which will show you the full web address without having to click on the link.
Services such as Scan URL and URLVoid are also useful in identifying suspicious links, as they scan the link and provide a full report. Virus Total is another great tool that can be used to check links and files for potential threats.
SOS! – What to Do If You Click on a Suspicious Link?
If one of your employees clicks on a suspicious link, do they know what to do next? Spear phishing has proven to be an extremely dangerous and easy way for hackers to get confidential information from both end users and companies. Awareness is key, and taking the time to research and safely use email should be part of everyday internet use.
Businesses should consider working with a managed service provider, such as the Impact Managed IT program, to employ experts who can implement the necessary cybersecurity measures and help train employees to build up the strongest defense possible against cyber-attacks.