We’ve all had emails fill our inbox that clearly are not what they say they are. Sometimes there’s no doubt that they are a scam, but hackers have gotten better at creating believable phishing emails targeted at getting information. Unfortunately, companies can fall prey to this just as well as an individual can. Watching out for suspicious redirects is a good way to spot if your company has been hit by a phishing scam, but so is feedback. Receiving complaints from customers about communications that your company hasn’t made is a strong indication that there’s a problem. A phishing attack may not be obvious to you at all, but rather be aimed at your customers and stealing their money and identity. As unsettling as it is, you may not be able to tell that your company has been hacked until there’s a problem.
It’s important to be vigilant when keeping your network security in check. There are some steps you can take when there are signs that your company has been attacked by a phishing scam. First,
When you’ve fallen prey to a phishing scam, the first thing you need to do is not panic. Regardless of whether you are a business or an individual, panic tends to be the first reaction and is exactly the last thing you want to do. Instead, disconnect all devices from the network so that they are no longer reachable by the perpetrator. By cutting off your company’s access to the web, you also prevent any malware already in place from emailing your customers and clients, and you eliminate the risk of spreading the infection.
If possible, remember what information you entered when you visited the fraudulent site. Details like names and addresses can be used for identity theft as well as to prepare future attacks on your company, so it’s important to try to recall everything you can about when and how you reached the suspicious site. Fraudulent sites can often be spotted by paying attention to the URL’s domain ending, to details such as misspellings, and to the real URL shown when you hover your mouse over a link. Keep a record, either as a screenshot or by copying and pasting, of the website(s) and the email that infected your company’s machine. This helps to identify what information was stolen and will also help law enforcement.
Above all else though, stay calm.
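As an added illustration of the link checks described above (this is example code, not from the original article), the Python script below pulls every link out of an HTML email body and flags the signs the text mentions: visible link text whose domain differs from the real href (the hover-URL check), punycode hosts, and near-miss spellings of a domain the company actually uses. The sample email, the domains in it and the TRUSTED_DOMAINS list are all constructed for the example.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample HTML email body (not from the article). The first link shows
# one domain in its text but points somewhere else; the third uses a punycode
# (xn--) host. Every domain here is hypothetical.
SAMPLE_EMAIL_HTML = """
<p>Your invoice is ready. Please sign in at
<a href="http://exampIe-bank.com.login-verify.net/account">https://www.example-bank.com/login</a>
to confirm your details.</p>
<p>Questions? Visit <a href="https://www.example-bank.com/help">our help centre</a>.</p>
<p>Partner portal: <a href="https://xn--exmple-bank-ycb.com/">example-bank.com</a></p>
"""

# Domains the (hypothetical) company legitimately links to in its mail.
TRUSTED_DOMAINS = {"example-bank.com"}

# Matches anchor text that itself reads like a URL or a bare domain name.
URL_LIKE = re.compile(r"^(?:https?://)?[a-z0-9.-]+\.[a-z]{2,}(?:[/?#].*)?$", re.I)


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(s):
    """Hostname (lowercased by urlparse) of a URL or bare domain; '' if none."""
    return urlparse(s if "://" in s else "http://" + s).hostname or ""


def registered_domain(host):
    """Crude last-two-labels domain: www.example-bank.com -> example-bank.com."""
    labels = host.strip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(host, trusted):
    """Return the trusted domain that a two-label window of `host` nearly matches, else None."""
    labels = host.strip(".").split(".")
    for i in range(len(labels) - 1):
        window = ".".join(labels[i:i + 2])
        for good in trusted:
            if window != good and edit_distance(window, good) <= 2:
                return good
    return None


def analyse_links(html, trusted=TRUSTED_DOMAINS):
    """Return one dict per link listing the reasons (if any) it looks fraudulent."""
    extractor = LinkExtractor()
    extractor.feed(html)
    report = []
    for href, text in extractor.links:
        host = host_of(href)
        findings = []
        if "xn--" in host:
            findings.append("punycode host")  # internationalised-domain lookalike
        if URL_LIKE.match(text) and registered_domain(host_of(text)) != registered_domain(host):
            findings.append("text/href domain mismatch")  # what the hover check reveals
        near = lookalike_of(host, trusted)
        if near and registered_domain(host) not in trusted:
            findings.append(f"lookalike of {near}")
        report.append({"href": href, "text": text, "findings": findings})
    return report


if __name__ == "__main__":
    for entry in analyse_links(SAMPLE_EMAIL_HTML):
        status = "SUSPICIOUS" if entry["findings"] else "ok"
        print(f"{status:10} {entry['href']}  ({', '.join(entry['findings'])})")
```

Run against the sample, the first and third links are flagged and the genuine help-centre link passes. The two-label "registered domain" heuristic is deliberately simple (it does not know about suffixes like co.uk), so treat the output as a triage aid when keeping the record described above, not as a verdict.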
Now, Backup Your Data
It’s wise to perform regular backups anyway, but once your network administrator has shut down your network, it’s time to do another backup. The first things that should be backed up are customer information and financial records. For maximum security your IT department will likely perform this backup to a separate location to provide an added layer of protection. Time is critical here: you want copies of your data before malware can hold it for ransom. Some cyber criminals use ransomware, malware that restricts your access to your own files until you pay a fee, essentially holding your own property ransom.
In a situation like this it’s best to perform this backup to a physical location rather than the cloud so that your network administrator doesn’t have to expose the company to the internet unnecessarily.
Protect It with New Passwords
Though you may have acted fast to protect your company, a hacker still may have acquired passwords and your work will have been for naught. It’s important to change your credentials as soon as possible in the event that a cyber criminal did get that information. With it they can gain access to your finances and other vital services that your small business works with and uses internally. They could also change your company’s credentials when it comes to accessing the services, so it’s important to make these changes as soon as possible. A good indication that your network security has been compromised is if you cannot access your own accounts.
If you haven’t already, consider upgrading your security with multi-factor authentication so that hackers will have a harder time taking control of your systems. There are password generator programs available that will create a unique, random password using the specifications you provide. Though harder to remember, these passwords are far safer than your secretary’s dog’s name and birth year.
Now That Your System is Secure, Look for Malware
Cyber criminals, unfortunately, know that you may do everything right to secure your information before they are able to get to it. Once you’ve made backups and secured your data, it’s time to look for what might’ve been left behind. Many viruses install programs that seem benign and unobtrusive but are actually gathering vital information and sending it back to the hacker. Fortunately, there are anti-malware programs that work without being connected to the internet, so you can check your company devices before they are reconnected to the network. Many IT services choose to run a second scan with another program to ensure that nothing was missed by the first scan, or that the first anti-malware program isn’t compromised in some way. Keeping this software up to date is essential, as definitions are frequently updated and new features, such as detection of newer types of malware, can be installed. A good anti-malware program can also scan email as it is received, giving your company an added line of defense against a phishing attack, and will periodically scan your computers for malware automatically.
Inform Your Customers
Falling prey to a phishing scam is embarrassing to be sure, but it can be disastrous if you assume that nothing was taken and you’re wrong. It’s important to let your customers and clients know when your network security has been compromised. Customers can then be on the lookout for fraudulent charges made in your company’s name for services or products they never ordered. By notifying customers of the incident and giving them an incentive to stay, you can protect them from attacks and keep a customer, rather than face a lawsuit down the line if your phishing incident leads to identity theft.
Make sure that your customers know what to expect from your company and that anything else should be reported to the company as well as to law enforcement. Social media is a good way to communicate with your customers, as are email and postal mail.
Contact Law Enforcement
Hacking of any sort is a crime, and it isn’t one that governments are keen on letting people get away with. In the United States the FBI’s Internet Crime Complaint Center manages cyber crime cases, and when you’ve been phished, this is who you report it to, regardless of whether you are a company or an individual. The complaint stays on file for 90 days, allowing companies and individuals to repair any damage done by the cyber criminal, and it can be renewed if necessary.
Unfortunately no one is immune to phishing: if you have an email address, you could be a victim. Individuals and companies alike have been fooled by sophisticated messages designed to extract the vital data your company runs on. Sometimes your employees or network administrator don’t catch it until it’s far too late, but a quick action plan can minimize the damage done by a successful phishing attack. If you suspect your company is compromised, follow the above steps to help protect your company, and watch out for unusual activity, such as odd feedback from customers, purchasing mistakes or other anomalies that may indicate fraud.