If your staff receive a notice from Australia Post that they just missed a delivery and that they should print out the form to go collect it, will they open the label attached?
Of course if they do you will have just been attacked by the latest of the virus scripts that may encrypt your network drives or corrupt the PC or harvest your IP from files on the network.
A few days ago, I received an email from Noreply@auspost.com.au with a link to click to see my parcel had been dispatched and to track it. The URL I could see as the address to click on looked genuine but when I pointed at it, it showed me a different destination. Now I am a technical bloke so I need to say, I cleared this email out of my cloud-based spam filter to see what it was about. I realised it was dangerous and deleted it thinking this will have sucked a few people in.
Later that day, I received (also into my spam filter) another email that suggested the delivery had failed and I needed to print a form out to collect my parcel. The message was simply “Label is enclosed to the letter. Print a label and show it at your post office.”
The link offered was https ://eparceltrack.auspost.com.au/external/webui/aspx? LabelCode=label_2386053 which looks sensible enough but when hovered over sent me to a very different location.
I deleted this one from the spam filter without downloading it to my network for obvious reasons.
Those among us that are educated on such things know that Australia Post would not send such emails. They may suggest we open their home page and use the tracking page and give us a tracking code to use when we get there but they will not send links that activate files. As I was writing this article I checked the item number I was given on their website just to be sure I was not overreacting to a genuine email and did confirm the number given was an invalid tracking number.
Chances are that your staff like to get parcels in the post, after all, bills don’t come in parcels. You only need one of your staff to be duped by something like this to put all the data on your internal and connected systems at risk. It may be that your staff are pretty good at discerning the dodgy messages but when one is just smart enough to slip by their BS meter in that hour after lunch when thinking gets harder, your systems will be compromised.
What if it installs a key logger to capture passwords typed into applications or websites? What if it harvests your documents or spreadsheets? What if it locks away all of your data with an encryption key? What if it makes minor changes to files or makes use of your email systems to send viruses out to your clients? What if it finds image files on your network and shares them on the internet? There are just so many more ways to damage your business through your computers than you have contemplated.
If you have not put technologies and strategies in place to deal with this sort of attack you need to assume you are at massive risk right now. You need to either budget to fortify your systems or budget to rebuild when your systems are breached or both.
I have offered these sorts of solutions before and they are all still relevant but judging by the issues I see on the new sites I visit every week, most SME businesses still under invest in this area.
So I need to stress it is probably time to pick up the phone and call for help. Please don’t wait until the crisis is upon you to seek guidance. There is now an absolute certainty that if you do not have the right protection in place and up to date, and the right training for your staff on how to avoid cyber threats, your systems will be or already have been attacked.
How certain are you they have not already been attacked?
David Markus is the founder of Combo – the IT services company that is known for Business IT that makes sense. How can we help?