A common trick of the bad guys is to get their victims to click on a URL link that brings them to a malicious website. The site may either attempt to inject a security exploit to attack the visiting browser, or it may be designed to look like a legitimate website as part of an elaborate phishing attempt.
And yes, people are still doing it. While it seemingly peaked as an issue about 10 years ago, new studies have shown that malicious attachments are back on the scene as a security risk.
There are so many ways to mask or obfuscate a real link that it’s better not to click on links sent via email messages at all. A safer move is to type it out the URL manually into the web browser instead of relying on the supplied link.
Helps prevent against: phishing, malware
8. Perform offline backups
While backups are not typically mentioned when it comes to security practices, they’re a crucial safeguard against a new breed of security threats called ransomware, which works by threating to encrypt user file or even lock users out of their computer altogether. Once done, it then attempt to exact a ransom for the secret key required to unlock the data or computer.
An offline backup allows businesses to restore their files without paying the ransom. Note that cloud sync services are generally not a good option here – because any encrypted files (such as ransomware) will just be synchronized to the cloud, as well as across all devices – though those that offer an unlimited number of backups could potentially work. However, only Dropbox for Business offers this at the moment.
Helps prevent against: ransomware, malware
Sign up for Computerworld eNewsletters.