Many people think of Russia or Egypt when asked about where cybercrimes originate. As Canadians, we think we have a safe and clean image in the digital world.
However, Websense Inc.'s May 2012 report on Canada's cybersecurity risk profile shows a highly disturbing trend: Canada now ranks No. 2 in the world, after the U.S., for number of hosted phishing sites, with a jump of 170% over the past year. And Canadian small businesses are a target because most don't have the technical expertise or budget to fully protect themselves.
The first step to safeguard your company is to be aware of how it might be vulnerable. Below are some common threats and ways to protect your business from cybercrime.
Malicious software, such as computer viruses or spyware, helps hackers corrupt or collect sensitive company or customer data.
- Implement and maintain security best practices, such as keeping system software and applications fully patched and up to date. Use a firewall, anti-virus and anti-spyware software and spam filter. Make sure your company has the latest versions of the software.
- Implement a security policy and train all your staff to avoid clicking on links or opening attachments from suspect sources.
Scammers use this tactic to obtain user names, passwords or credit card and other sensitive data from individuals and businesses. Phishing sites are getting more sophisticated. Not only do some look identical to the websites of real companies, but the scammers also register slight misspellings of a company's name like "Facemail" instead of "Facebook" or use a sub-domain like facebook.example.ca. And spear phishing uses emails disguised as coming from an employer or technical department of a company asking for an employee to confirm his or her password for the systems administrator.
- Be suspicious of any email that asks you to enter your username, password or sensitive information—even if it comes from within your company.
- Before clicking on any link, double-check the URL to make sure it's the correct company you want to be dealing with.
- Never click on suspiciou links on Twitter, Facebook or other social-media sites. Examples include those that tell you to look at the funny picture of you or what horrible things someone is saying about you or your company.