In the wake of last week’s attacks, new facts are still surfacing about WannaCry ransomware. The ransomware leverages a known vulnerability called EternalBlue that is widespread in older Windows operating systems and was patched in a security update Microsoft released in early March. This vulnerability allows the malware to travel from system to system, which makes systems that were left unpatched easy to attack with just one malicious email.
“We cannot overstate the importance of vigilance when it comes to email and email attachments,” Jonathan Tanner explained in a recent Barracuda blog post. “Email is the primary method of attack for almost everything.” In the case of this attack, all it took was one individual to open the attachment to infect the entire network.
What you should teach SMB customers
As an IT service provider, you want to ensure that your SMB customers have a multi-layered approach when it comes to securing their networks—and that they educate their employees about email security best practices. Here’s what you need to teach them:
How to identify a phishing attack
- Most phishing emails will ask for personal information, such as passwords, payroll or other sensitive items. Spear phishing emails go one step further by appearing to be from a trusted high-ranking individual in the organization.
- Look for spelling errors or a sender or URL that is a few letters off. Most phishing emails have slight spelling errors and often seem to come from individuals you might know—at least at first glance. For example, you may have a PayPal account, but the sender might really be Paypol.com, preying on users that miss the “o” in place of the “a.”
- Proper banners and graphics are common in phishing emails, but sometimes they are one or two shades off. They can look quite convincing and often trick users into the trap of clicking because the email appears to come from a trusted source.
- A changing hyperlink or words before the forward slash. Often phishing emails contain hidden links. For example, a link will appear to take you to paypal.com, but if you hover over the link before you click it you realize it would really take you to hackerslifeforme.com (or another suspicious link). Another trick hackers use to prey on users is adding periods or dashes before the forward slash. For example, paypal.com.reset-password/ is going to a different domain than PayPal.
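The three link checks above (a display text that does not match the real link target, a brand name buried in front of the real domain before the forward slash, and a domain that is one or two letters off from a known brand) can be automated for a mail gateway or a training exercise. The following is an added example, not code from the original post or from Barracuda; the brand list and the sample email HTML are constructed for illustration, and the "registrable domain" heuristic simply takes the last two labels of the hostname rather than consulting a public-suffix list.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allowlist of brand domains the organization cares about (hypothetical).
KNOWN_BRANDS = {"paypal.com", "microsoft.com", "barracuda.com"}

# Constructed sample of a phishing email body, labelled as such.
SAMPLE_EMAIL_HTML = """
<p>Your account needs attention.</p>
<a href="http://hackerslifeforme.com/login">paypal.com</a>
<a href="http://paypal.com.reset-password/">paypal.com.reset-password/</a>
<a href="https://www.paypol.com/reset">Reset your password</a>
<a href="https://www.paypal.com/help">paypal.com</a>
"""


def host_of(url):
    """Lowercase hostname of a URL ('' if none); bare domains get a scheme so they parse."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def registrable_domain(host):
    """Naive registrable domain: the last two labels (assumption: no public-suffix list)."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-letter brand lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_of(domain):
    """Return the known brand this domain is within two edits of (but not equal to), else None."""
    for brand in sorted(KNOWN_BRANDS):
        if domain != brand and edit_distance(domain, brand) <= 2:
            return brand
    return None


def brand_as_subdomain(host):
    """Return a known brand that appears in the host but is not the host's real domain."""
    for brand in sorted(KNOWN_BRANDS):
        if (brand + ".") in host and not host.endswith(brand):
            return brand
    return None


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_links(html):
    """Return a list of (finding, observed, reference) tuples for suspicious links."""
    parser = LinkExtractor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        real_host = host_of(href)
        real = registrable_domain(real_host)
        # If the visible text itself looks like a domain or URL, compare it with the target.
        shown = ""
        if re.search(r"[a-z0-9-]+\.[a-z]{2,}", text, re.I):
            shown = registrable_domain(host_of(text))
        if shown and shown != real:
            findings.append(("mismatch", shown, real))
        brand = brand_as_subdomain(real_host)
        if brand:
            findings.append(("brand-in-subdomain", real_host, brand))
        brand = lookalike_of(real)
        if brand:
            findings.append(("lookalike", real, brand))
    return findings


if __name__ == "__main__":
    for finding in check_links(SAMPLE_EMAIL_HTML):
        print(finding)
```

Run against the constructed sample, the first link is reported as a mismatch (the text says paypal.com, the target is hackerslifeforme.com), the second because paypal.com sits in front of the real domain, and the third because paypol.com is one edit away from paypal.com; the genuine www.paypal.com link produces no finding.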
Email security best practices:
- Call before you send! If you think the CEO is looking for sensitive employee W-2 information over email, pick up the phone and double check before you send anything.
- Think before you click! Take the time to look at the details before you click on a link in an email. Watch out for any hyperlinks that are going to another destination, and pay attention to where the forward slash is in the link. If it’s not right after the .com, the link might be sending you to the wrong location.
- Don’t open attachments from users you don’t know! If you don’t know the sender or an email seems suspicious, don’t open its attachment. It could contain malicious code or take you to a malicious site.
Education paired with a multi-layered security approach can help prepare SMB customers to take the proper precautions when they receive a suspicious email. And that can help both you and your customers save time, money, and aggravation down the road.