Cyber Crime & Security 101 for Small – Medium Biz Part 1

Photo by Saksham Choudhary on Pexels.com

Excuse to do nothing number one….. “Well my business is way too small for hackers to even notice or care about”…. Well until it happens to you that is. I was at a WordPress User Group a few years ago and one of the folks attending was asking for help, his computer was locked up by a hacker using ransom ware and wanted $350 in Bit Coin to unlock it. Several months ago a Orange County Company (Several $100 Mill in revenue) got hit with ransom ware, they didn’t pay and it took them nearly a month to get fully up and running. So how long can you afford to be with out access to your network?

Excuse to do nothing number two…..”My data isn’t anything a hacker would want, it isn’t all that valuable.” Well you are right it isn’t valuable to the hacker, but is valuable to you and that is what the hacker is depending on. Just how long could you last without access to your: Customer Contact List – CRM, Email, Accounting Software etc.

We have defied the problem now what is the solution? There is no magic bullet software that will provide 360 protection all the time everywhere. It is only by layering the protections and methods I will discuss that we can have a good affordable level of protection.

The place to start is with people as 91% of attacks get in with a phishing email. You might be thinking I would never fall for those lame poorly worded spamey phishing emails that all end up in my spam blocker. That is not what Cyber Criminals – Hackers are doing these days. They prey on people who want to be helpful, like customer service and sales, folks who are trained to help. These Cyber Criminals are sophisticated professional criminal syndicates who are running a “Business”. Before even sending their Phishing Email they do their homework many times on social media. They craft an email that looks like it is coming from someone you already know.

So how do we defend against this type of attack. Here are some suggestions:

First and foremost: Train your people to Not Open any email unless they know who it is from and if it looks suspicious verify the sender by Hovering over the Senders Email Address by holding the mouse over the email address to see if it is spoofed. See example below we will look at the two flagged emails below:

Examples of Spoofed email addresses possibly from a hacker – cyber criminal
Spoofed Spam Email actually from generaldandienoah2@gmail.com
Spoofed email not from McAfee but from Info@rifleassureance.com
  1. Install and use a good spam blocker at Both at the Server Level (if you use a server that is) and the Personnel Computer level .
  2. Train your people If they do not know the sender or if they are at all suspicious of the email and it contains links Do NOT click on the link.
  3. Have policy’s in place for personal email and access using company computers.
  4. Keep your operating systems software up to date they often include patches that help keep the bad guys out.

Play the odds, since 91% of Hackers – Cyber Criminals gain access using phishing emails do your best to stop them right there. The first and often best layer of protection from Cyber Crime is trained people. A well trained team will make it much harder for a hacker to gain entrance to your system. If you make it hard they will often move on to an easier target.

About Phil Sallaway - Manager Orange County California

Manager at SalesForceMaven in Orange County California. He is a Salesforce Consultant with a strong Marketing & Sales background.
This entry was posted in Product Manager Orange County and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s