Rebuilding Trust – Cybersecurity

Rebuilding Trust after a Cyberattack – Not If but When

Trust is key in all business dealings, but an increasing number of consumers report plummeting trust levels in commercial entities, especially large ones.

In a business landscape that’s becoming less trusting, a #cyberattack can be the final blow that causes customers to take their business elsewhere. Here are some ways to build and maintain trust in your company even if an online security incident takes place.

The three keys to maintaining trust online

There’s no doubt that the internet is becoming increasingly risky, with cyberattacks increasing by the year. Despite advances in antivirus software and efforts to reduce the number of cyberattacks, the prospect of your business losing crucial customer data to cybercriminals is an ever growing reality.

By taking all necessary steps to prevent a cyberattack, responding swiftly and effectively in the event that one takes place, and maintaining a high level of sincere communication with your clients in good times and bad, you can ensure that your business remains a trusted entity for years to come. 

Let’s take a look at each of these components in detail.

1. Make cybersecurity a priority and make sure your customers know about it

Covering the basics of antivirus, firewalls, anti-malware, and of course, secure cloud storage is always the first step toward building your cyber defences. 

This may give you confidence in your company’s data security, but it will do little to inspire confidence in your customers – unless they know about it.

Without revealing specific details of your cybersecurity activities, which could give cybercriminals hints about potential vulnerabilities, it’s good to let your clients know that you take cybersecurity seriously and are taking measures to protect their data.

2. Act Decisively in the Event of a Cyber Attack

The worst-case scenario for any business is a large-scale data leak or cyber attack, and yet many companies will find themselves in this exact situation over the next decade, if not sooner.

  • If your business has become the victim of a cyber attack, the first step is to limit the damage as much as possible by relying on the latest version of your crucial files, which should always be kept securely encrypted in the cloud.
  • Directly following the attack, you should make a concerted effort to communicate the situation to your clients and reassure them about the steps you’ll be taking.

3. Communicating for Success Even in a Cybersecurity Failure

The way you communicate with your clients in the hours and days following a cyber attack or data leak could make the difference between a customer who stays with you and one who decides to cut ties.

  • Inform them honestly about the situation; there’s no use hiding the fact that the data leak or breach has occurred, and if you do, you could not only lose the trust of your customers but also find yourself in violation of the PPI Act.
  • Outline your cybersecurity response plan. Let your customers know what steps you have taken to retrieve their data, as well as precisely what type of data has been compromised—ID numbers, contact details, and more sensitive information like passwords.
  • Re-emphasise your commitment to cybersecurity now. Your client may have experienced a cyber leak or breach from another supplier and will be looking for signs that you are constantly upgrading your cyber security. 

By outlining the steps your organisation is taking to improve data protection, you are more likely to inspire confidence in your clients and retain more of them in the wake of a cyber attack which could have a massive financial impact on your business.

No matter what strategy you employ to protect your confidential data, secure cloud storage will always end up being a pivotal part of it. To find a cloud storage package that suits your needs perfectly, check out our product page today.

Business Risk or Cyber Risk? – Digital Crime

Business Risk Management in the Age of Cybercrime

The risk of cyberattacks has never been higher, with a 23% increase in online criminal incidents affecting South Africans in 2023 alone. As the executive suite comes to terms with the huge probability of cyber-attacks, there’s a new realisation that these incidents are more than just an IT problem and represent one of the biggest business risks of our era.

As you plan your company’s strategy over the medium to long-term, it’s important to keep the prospect of digital crime firmly in mind in terms of risk mitigation.

Here are some compelling reasons to view cyber risks as business risks and take concrete steps to keep your data safe.

Cyber security vulnerability affects every industry

Ransomware, data leaks and breaches, and hacking attempts are having a huge impact on the online security of millions of companies worldwide. If your business has any kind of online presence or banks digitally, it’s equally at risk – and this reality needs to inform your cybersecurity planning.

Industries that deal with confidential customer financial information, including the banking sector, can become major targets for cybercriminals due to the sensitive nature of the data they handle. 

Hackers know that these organisations will be keen to recover lost customer information before it becomes a reputational and financial loss for them, and therefore look forward to a generous ransom with a high probability of the money being paid over.

The financial industry is especially vulnerable to these types of attacks with no specific legal requirements in place for banks to ensure high-level cybersecurity. 

This has prompted some commentators to suggest that SA should adopt legislation similar to the EU’s Digital Operations Resilience Act (DORA). This law sets out specific IT security standards that institutions which handle other people’s money are required by law to follow.

Mitigating business cyber risk

To keep your business information safe at a time when cyberattacks are increasing exponentially, it’s essential to prevent these crimes before they happen. Here’s how.

  • Prevention is better than cure. Ensure that your business is fully prepared for a cyberattack by updating your data security and keeping a constantly updated copy of your most important files. Data stored securely in the cloud will give you more options in the event of a cyberattack.
  • Obtain buy-in from executives. If your CEO or operations manager is still not taking cybersecurity seriously, presenting to them on the potential risks and the benefits of investing in secure cloud storage should be your first priority.
  • Take cybersecurity beyond the IT department. Comprehensive staff training on cybersecurity basics as well as how to identify suspicious messages that could be phishing attempts are essential steps toward building a safer organisation.

Cyber security is an essential component of every company’s risk management strategy today and will only increase in importance in the future. 

Our range of secure cloud storage packages will give your organisation the peace of mind that comes from having encrypted storage to keep your sensitive data safe. Visit our product page today to learn more.

Data Clean | Cloud Backup

Spring has Sprung – It’s Time to Spring Clean your Data

Winter is sluggishly leaving our shores, but as the spring weather begins to provide new energy for productivity, now is the best time to do a digital spring clean of your company’s data for streamlined storage and enhanced cybersecurity.

While spring cleaning is traditionally thought of as a seasonal clean-up of your personal space that helps to clear your mind and create a more organised outlook, it makes sense to extend the decluttering into your digital environment; personal and business.

On a personal level a digital spring clean means doing a clean out of your social media platforms and your browser history, a full password manager reset and getting rid of unwanted emails by unsubscribing from e-mails you no longer want or need to receive.

Keeping your confidential business data safe though isn’t simply a matter of clearing out your history. With the tons of files stored daily, monthly, annually – data cleansing could be the best thing you do for your cyber defences this year. 

Let’s take a look at the digital data cleansing you can implement in your business as the warm weather approaches.

Is your backup folder becoming a junk pile?

There’s no doubt that backing up your crucial company data is a non-negotiable. Current copies of your customer and financial data as well as proprietary documents related to product development, and HR records could save your business from ruin in the event of a cyberattack.

All the same, there’s no reason to hang on to files that have ceased to be useful, contain inaccurate information, or should be replaced with new versions.

With the world producing 402 million terabytes of data per day, the number of files in your backup folders may be growing exponentially – and that’s not always a good thing.

Data cleansing can be time-consuming and labour intensive; however it makes sense to ensure that your database and files are accurate and up to date, saving you the time and effort it takes to sift through folders and folders of inaccurate data.

A clean database ensures efficient time management, increases productivity, and improves data analysis, but only if the whole company is following a standardisation of how data is entered, labelled and stored.

Unnecessary or incorrectly named files take up unnecessary space and this ultimately leads to unnecessary costs. Reducing the number of files in storage means your quota will be filled up more slowly, helping you to streamline your monthly cloud storage costs.

  • Multiple copies of the same file can cause confusion, especially if you’re trying to recover the latest version with the most recent or correct information in the wake of a cyberattack or if an existing file becomes corrupted.
  • Implementing standard naming protocols is the best way to overcome this going forward but you’ll need to take the time to review and cleanse old files, either manually or with tools that detect duplicates.

Having a compact set of files that comprise the most crucial information your business needs to function is not only good for your bottom line and the efficiency of your digital admin. It’s also good for efficiency and customer relations. 

Keeping your data in secure cloud storage, consolidating multiple files, and checking information for errors are just a few ways to achieve this. Let’s explore some more data cleansing strategies.

How to spring clean your data this spring

Spring cleaning your files is no different than spring cleaning your house. It’s simply a matter of identifying the most critical data, deciding what you never use, what no longer works, and getting rid of all the unnecessary items. 

  • Get rid of multiple copies. The most recent and accurate version of the file is always preferable to an updated old version.
  • Back up essential information only. Data that’s crucial in the running of your business deserves a place in a secure backup folder – but obsolete files and folders full of junk email certainly don’t. Cloud security should be a team effort, working together to backup data regularly and securely.
  • Train your staff to be careful with data. Having your team regularly delete files that are unnecessary, check customer and financial data for accuracy, and remove junk files means that these pointless items don’t end up being backed up in the first place. This can significantly reduce your data usage in the long term.

Soteria Cloud’s range of secure cloud storage packages for businesses feature immutable, encrypted storage in a range of package options that scale up with the needs of your business. 

To learn more about our packages and select the one that’s ideal for your business, visit our product page today.

Cybersecurity Training – Cybersecurity

Top 10 Cybersecurity Awareness Pointers

Despite the best efforts of cybersecurity managers and IT departments, the wave of online attacks affecting the country shows no signs of slowing down.

As the risk of data loss and potentially becoming a victim of ransom intensifies, staff training is non-negotiable in 2024 and beyond.

If you have an existing cybersecurity training system in place or are still strategising, our list of our top 10 priorities for cybersecurity awareness will help you to focus on issues that deliver maximal security gains.

1. Phishing

The mainstay of online criminals remains the phishing attack and the reason is simple: users still fall for it.  Staff training that focuses on analysing suspicious emails and not taking action until it’s approved by management will go a long way to mitigate the damage that can be caused by fictitious communications claiming to be from banks or clients.

2. Passwords

We’ve written several articles in the past imploring companies to set up strong passwords and make use of password management systems. Unfortunately, many businesses still use weak, passwords and codes which can easily be guessed. If you’re looking for a cheap, simple, and instant way to improve your cybersecurity, strong passwords are almost certainly it.

3. Removables

USB sticks and removable hard drives may be less common in the age of cloud computing, but many businesses still use them. Limiting the number of important files you keep on removable storage, password protecting and encrypting them, and deleting them on a regular basis are all important skills that all employees should be trained in.

4. Mobile devices 

Smartphones and tablets that we all use every day contain some of our most valuable business and personal information – especially with the advent of smart wallets. But if they fall into the wrong hands, they can give criminals access to a company’s entire financial resources. Password protection and multiple factor authentication are not simply nice to haves anymore when it comes to mobile devices. It’s absolutely crucial that employees should be made aware of the necessity to safeguard their mobile devices.

5. Physical Cybersecurity 

Keeping your files safe in the cloud and following cybersecurity best practices doesn’t mean much if your login credentials are still being written on sticky notes and left lying around the office. The physical aspect of cybersecurity, especially for businesses that transact with cryptocurrency and have login credentials related to their crypto wallets on paper, should be emphasised very strongly when training staff members.

6. Public Wifi 

When traveling on business, it’s always useful to have access to public Wi-Fi, but this facility can be a double edged sword, especially when it’s not safe from hackers and viruses. Familiarising yourself with best practices when using public WiFi and discouraging your staff from connecting to it using work devices unless they’re convinced that it’s 100% safe are both good strategies.

7. Cloud Storage 

When it comes to data security, almost safe is never good enough. The only way to be truly certain that your data is safe is to have it encrypted in the cloud using immutable storage. That’s exactly what our range of secure cloud storage packages for business will give you.

8. Social media

Social media networks have become a part of our daily existence. Unfortunately they’ve also become a prime way that cybercriminals use to gain our trust and perpetrate identity theft and fraud. Staff members should be well-versed in using Facebook, LinkedIn, IG, and other social media platforms responsibly, and look out for signs of fraudulent or criminal activity when they interact with other users.

9. Remote work 

If your staff work remotely part of the time or all of the time, chances are good that they’re exposing both themselves and your business to unnecessary risks online. Every device that contains information related to your business, as well as the people who use it, needs to be operating at the highest level of cybersecurity.

Ensuring that your workers’ devices have the latest versions of firewalls, antivirus, and secure cloud storage installed, and that they know how to use devices responsibly and not allow authorised access by other people when working remotely will help keep your business safe.

10. Social engineering attacks 

Impersonation attacks, social engineering, and other fraudulent tricks used by cybercriminals to gain access to your business information are on the rise. Your employees need to be primed to identify suspicious communications and trained to not execute any requests  before they’ve been vetted and approved.

Keep your data safe with cloud storage

The dangers of doing business online may be increasing, but so are the opportunities to keep your data safe. 

Our range of secure cloud storage packages for businesses of all sizes will give you peace of mind as you and your team use the internet to grow your enterprise. visit our product page today to get started.

Banking Apps – Online Security

How Secure is your Banking App?

Banking apps have become the preferred method of transacting for individuals and businesses in SA, offering the advantages of banking at a physical branch without the hassle. But as with all technology, convenience needs to be balanced against cybersecurity risk. 

Unauthorised access to your banking app could give cybercriminals the keys to your full account balance, potentially causing a crippling, cash flow crisis. 

While banks have invested in and implemented advanced cybersecurity strategies they aren’t always enough, and it is the responsibility of the customer to raise awareness among their staff. Some victims of banking fraud have waited months before their funds are returned – while others have had to write off the entire amount.

To help your business transact safely online, we’ve put together a checklist of dos and don’ts for banking app users. Let’s start with the essentials. 

The necessity of secure logins

As every internet banking user knows, the first step to using a banking app is your login, but there’s more to a secure login that simply entering a password. One simple security practice to instil in staff is to ensure that they never use public wiFi connections to do online banking.

You’ll also need to ensure that your bank app allows you to login in a secure manner so that no unauthorised person can use your banking profile even if your phone or device is stolen. 

Internet banking apps that use Face ID add an extra layer of security while multiple factor authentication using an OTP code (in the case of FNB) or other pin sent to your mobile number or email address provide a way of authorising transactions securely. 

Avoid phishing and social engineering scams

Employees can easily be taken in by the sophistication of modern-day phishing scams. 

Lately, criminals are targeting financial decision makers such as bookkeepers or controllers with genuine seeming emails and other text messages purporting to be from management. 

This may not be a direct result of banking app security, but the fact that banking apps are often used to carry out these transactions makes it essential to avoid suspicious payment requests – even from colleagues and senior managers. 

A concerning recent trend is the escalation of impersonation fraud which takes phishing to the next level. 

  • This type of scam involves comprehensive research on the part of cybercriminals to map out an organisation’s management structure and find ways to impersonate members of senior management. 
  • Once they’ve achieved this, they will typically contact employees via non-verbal means like email or private message and issue financial instructions which ultimately result in company money being deposited into the fraudster’s bank account.
  • Savvy social engineering combined with AI has made it possible for hackers to imitate the tone of writing typical of specific senior managers. 
  • This could be achieved by studying articles that are published on LinkedIn or other financial media and using AI to produce devious messages using the manager or owner’s characteristic choice of words.

In summary, it’s essential for all organisations to follow the “trust but verify” model when dealing with financial transactions. 

If a financial instruction hasn’t been verified over the phone or in person, it simply can’t be taken at face value just because an email or message was supposedly received from a member of management.

Add secure cloud storage to your cybersecurity strategy 

Taking the steps above is an excellent approach towards securing your company’s financial and business information. Our range of secure cloud storage packages with data encryption add an extra level of protection to your valuable business data. Visit our product page today to learn more.

Identity Theft – Financial Cybercrime

The Legal and Financial Dangers Of Synthetic Identity Theft

Identity fraud is one of the most common types of financial crimes affecting South Africans, and now cybercriminals have raised their game with a new wave of crime known as synthetic identity theft.

Fraudsters are going a step further and combining stolen information from multiple people to create new fictitious identities that may not be real – but the consequences of your personal data being used to make one certainly are.

Here’s an overview of this new crime, what its modus operandi looks like, and how you can keep yourself safe from it while protecting your business and customer information too.

How synthetic identity fraud works

Identity theft always begins with criminals obtaining sensitive information like your ID number full name, employment information and physical address. But lately, crimes in which this information has been merged across multiple victims is becoming more common. These crimes fall into two broad categories.

  • Identity compilation: This is referred to by industry experts as “Frankenstein identity fraud”. Criminals will often combine the identification numbers, addresses, and other details of multiple victims to create a new false persona. 
  • Identity manipulation: this criminal approach sticks to one identity, but alters key information about the person in order to carry out illicit activities. Changing someone’s place of employment or credit score artificially or applying for credit in their name are some examples of identity manipulation.

Synthetic identity makes law enforcement’s job even harder

Keeping tabs on all the fake identities used by fraudsters is hard enough but synthetic identity fraud is adding a new layer of difficulty to the task before law enforcement officials. 

Since fake identities, compiled using information pertaining to multiple people, are becoming more commonplace, it’s becoming increasingly difficult to track down the various victims of this crime so that justice can be done. 

Given the large number of data leaks and breaches that are taking place across the country, many law abiding citizens are finding themselves in the crosshairs of identity theft. The fact that their identity has been compromised becomes apparent once they receive a letter of demand or even a summons pertaining to debt that they have no memory of owing. This is a tell-tale sign that identity fraud has taken place.

Keep your identity and personal information safe with secure storage

There’s no need to become a victim of identity theft before you start to secure your sensitive documents.

Soteria’s range of encrypted automated backup packages will help ensure that your business and personal documents remain safe in the cloud, beyond the reach of cybercriminals. Browse our packages today to get started.

Soteria Online Backup – Cloud Backup Solutions

Cloud Backup Solutions – Why do I need Soteria Backup?

Running a business today means dealing with a huge amount of data, even if you’re not in the tech industry. 

From customer information, including confidential banking details, to proprietary product designs and confidential documents, the information that used to be locked away in a filing cabinet is now stored in electronic form – and it’s easier to steal.

The recent wave of cyberattacks sweeping the country mirrors similar trends overseas, and as of now there would appear to be no end in sight. Secure cloud storage is a proven method to minimise the impact of a ransomware attack, data leak, or hacking attempt, since you have a recent copy of all your important business documents saved securely in the cloud.

Let’s take a look at some of the features of cloud storage that make it so essential for businesses of all sizes.

Automated backup solutions

One of the great features of secure cloud storage is that it can be set up to automatically save files to the cloud without you or your staff having to put them there one by one.

  • If you’re still relying on manual backups, chances are good that you’ve already tried to find a file in the cloud – only to realise that the latest version wasn’t there. 
  • In the event of a cyberattack, not having the latest version of a file could mean that cybercriminals do have it and you may be forced to pay a ransom in order to obtain it from them.

Automated backup ensures that the latest version of every file is saved to the cloud in encrypted form. You can schedule these backups to take place on an hourly, daily, or weekly basis, depending on how frequently you update your files.

Scalable encrypted storage solutions that grow with your business

The most important feature of a secure backup system is that your files are safe in the cloud, unreachable by hackers. Furthermore, you should have enough storage to meet your company’s needs without overpaying for capacity that you don’t use.

Secure cloud storage solutions like those we offer cover all these bases, with immutable storage offering a guarantee that cybercriminals will not be able to access or change the data as it’s kept safe on our servers. 

Soteria cloud storage packages are suitable for businesses of all sizes with varying amounts of secure data since they can be scaled up in capacity depending on how many gigabytes you require. 

This allows you to increase your storage capacity as the needs of your business grow: an ideal feature for companies of all sizes.  Best of all, it means that we can grow with you as a trusted provider over the years.

In short – Soteria backup offers:

  • Security and peace of mind
  • Automatic offsite backups
  • Data encryption
  • Scalability
  • Flexibility
  • Compatibility
  • Cost-effective cloud backup
  • Encrypted backup
  • Local servers and support

To find out more about our range of secure cloud packages and how Soteria’s online backup can benefit business of all sizes, visit our product page today. 

Crowdstrike Outage Downs Windows – Technology

CrowdStrike Error Causes Chaos Globally 

The world suffered one of its biggest IT failures on record in July, as a single line of code in the CrowdStrike software update caused Windows computers around the world to freeze and display the “blue screen of death”.

The glitch in an update from the cybersecurity provider based in Austin, Texas was a rare but dramatic example of just how badly things can go wrong when technology fails.

Flights grounded, ICUs paralysed

The extent to which every process in modern society hinges on technology was on full display on July 19th as the faulty update caused airlines around the world to ground flights. 

In addition, hospitals in several countries were forced to reschedule surgeries and even ICU procedures since the computers controlling these critical processes were frozen and unusable. 

The update caused a logical error which caused Microsoft Windows computers to malfunction, switching them over to the blue screen – an outcome that no systems engineer ever wants to encounter. 

Unfortunately, scenes like this were played out around the world as critical computer systems remained temporarily frozen.

Capitec suffers day-long outagec

South Africa was largely spared the dramatic effects of the CrowdStrike incident, with the JSE issuing a notice stating that the FTSE indices were not updating. One of the big insurance companies was also affected as well as a major player in the banking industry that saw its systems remain off-line for most of the day.

Capitec’s ATM network, as well as its online banking facilities were non-functional, with customers unable to withdraw or transfer funds. 

After several hours of technical intervention, the bank’s IT team was able to restore functionality to the network, but many customers turned to social media to express their frustration about the outage. They also expressed concerns about the bank’s ability to manage their money safely.

The media hasn’t reported any financial losses as a result of the outage but it’s safe to assume that Capitec may suffer some reputational damage as a result. This incident underscores the potential for IT failures and cyberattacks to undermine the reputation of any business and highlights the importance of securing data with encrypted backup.

How to respond in the wake of a major tech failure

When a large, unexpected IT failure takes place, there are two major priorities for any IT manager or CIO: restoring functionality as soon as possible and recovering sensitive data to ensure business continuity.

  • The first of these objectives may be in the hands of third-party providers like Microsoft or CrowdStrike, but the safety of sensitive company data falls 100% in your company’s area of responsibility. 
  • Secure cloud storage is the only solution that guarantees data safety in the event of an unexpected failure or cyberattack – especially one at the scale seen on July 19. 

Effective and professional communication to clients also remains a priority during any outage in order to preserve trust and mitigate reputational damage. If this recent failure has you worried about your company’s important client data, investing in secure storage could be the best thing you do for your business this year. 

Soteria’s range of cloud storage packages – using immutable encryption – is the best place to start. Browse our range of packages for businesses of all sizes today.

Cybersecurity Training – A Corporate Responsibility

Meeting your corporate Cybersecurity training obligations

The cybersecurity threat landscape is becoming more perilous in 2024 as the rise of AI adds a further risk dimension.

Companies are both ethically and legally required to act in order to prevent cyberattacks. While creating a safe online ecosystem for business to take place is a noble aim, the POPI Act compels businesses to take concrete measures to protect sensitive business and client data.

Failure to comply with the POPI Act could result in fines of up to R10 million and possible jail time, making it even more crucial to train your staff comprehensively. 

In this article, we look at the need for proactive cybersecurity training and what aspects your business should focus on.

The new threat of AI 

The availability of generative AI means that language models are potentially being used to create extremely convincing phishing emails and other fraudulent documents. These may be indistinguishable from a credible internal communication or message from a client, increasing the likelihood of cyberattacks hitting their mark: overly trusting employees.

Data from the South African Banking Risk Information Centre shows cyberattacks in South Africa up by 22% in 2023. 

Of particular concern are the phishing and ransomware crimes, with the number of victims who made ransomware payments having risen by 20% in 2023 alone. 

To avoid a situation where unsuspecting employees are implicated in cyberattacks and face severe consequences, including dismissal and possibly criminal action, companies need to ensure that their teams are well trained in all aspects of cyberthreat awareness and risk management.

In general, many attacks tend to take place not because employees were in cahoots with cybercriminals, but simply because they were fooled by them.

Preventing this type of incident may not be easy, but companies that can identify the most common online security mistakes made by their staff have a better chance of correcting them through positive training.

With new employees, this type of training should take place during the onboarding process, with existing staff regularly upskilled so that all teams have up to date cybersecurity awareness and are fully prepared to handle sensitive data with the upmost of caution.

Critical training focus for enhanced cybersecurity

Weak passwords 

  • Choosing a password that you can remember is important, but some employees still opt for the trusty old “12345” or “password” which is incredibly easy for cybercriminals to guess. 
  • Additionally, others may choose a strong password but render it useless by writing it down on a sticky note displayed in the office. This could easily come to the attention of the wrong person and result in a data breach. 
  • Staff members should choose long passwords with a mix of numbers, letters, and symbols, and secure their devices using two factor authentication whenever possible. 

Sharing passwords

  • Employees who use the same computer or device may end up sharing a login password out of necessity. 
  • A clear solution for this problem is to issue each employee with their own device or let them bring their own. 
  • If they do share a computer, it’s essential for each user to have individual logins with credentials that only they know. 

Unauthorised users accessing work devices

  • Employees may think it’s harmless to take the company laptop home and let their children use it to write school reports or browse the internet, but if the device becomes subject to a cyberattack, the unauthorised user could get the employee in serious hot water.
  • Separating work and play devices is essential not only to protect company data but also to prevent family members from being implicated in a cybercrime. 

Don’t forget to cover the cybersecurity basics for peace of mind 

Failing to update security software, outdated firewalls, and relying on physical storage alone are some other ways that staff members could unknowingly open the door to cybercrime. 

Soteria’s range of secure backup solutions take the guesswork out of keeping your files safe in the cloud. Learn more about our packages for businesses of all sizes by visiting our website today. 

Facebook Business – Phishing

How safe is your Facebook Business account?

Facebook business accounts provide companies with a great way to reach potential customers and stay in touch with their network of followers. But recently this platform has become a major target for cybercriminals.

An onslaught of phishing attempts against Facebook business users has prompted Meta to release a new framework of safety guidelines to prevent further attacks. 

Let’s take a look at the cybersecurity situation around Facebook commercial accounts and what you can do to keep yours safe.

Cybercriminals target Facebook business users

Recently, headlines about compromised Facebook business accounts have been causing concern in the commercial sector, both  internationally and in South Africa.

The potential risks involved in a compromised Facebook business account include financial and reputational losses arising from impersonation and takeover attempts. In this scenario, cybercriminals could gain access to your account and use it to defraud your customers.

  • Cybercriminals gain access to your account, change the associated bank account, and request payment from customers which would be channelled into their account and may never be recovered. 
  • In addition, the damage to your company’s reputation in the wake of an incident like this could be massive, with disgruntled and aggrieved customers taking to Facebook itself to spread the news, about fraudulent activity carried out in your company’s name.

How to spot the signs of a Facebook Business phishing attempt

Like many cybersecurity breaches, Facebook Business account takeovers begin with innocent seeming emails and Facebook messages, particularly in the form of business partner requests.

Emails purporting to be from Facebook are another popular method that hackers used to carry out phishing attacks. 

According to Meta, it’s essential for users to be on the lookout for email addresses with domains which are almost the same as the official ones used by Facebook but vary in terms of a single letter or word. The following domains are the only official ones used by Facebook:

  • fb.com
  • facebook.com
  • facebookmail.com
  • instagram.com
  • meta.com
  • metamail.com
  • support.facebook.com

In general, any email or electronic message that asks you to click on a link or enter account details should be treated with a high degree of suspicion. 

This is especially true if the message refers to an account action that Facebook supposedly wants you to take but doesn’t come up as a request on the Facebook app or website itself.

If you find yourself unable to access your account, receive complaints from customers who have received strange messages from your Facebook Business account, or suddenly notice that your account is following strange accounts, it’s highly likely that you’re a victim of phishing. 

It’s essential to report your account as compromised immediately to avoid serious losses. 

Protect your online business with secure cloud storage 

Considering that Facebook business accounts are used to process payments and interact with valuable customers, the last thing you want is for yours to be compromised and used to carry out criminal acts. 

Securing your Facebook business account is an essential step if you’re doing business online today – and it’s just one part of an effective cybersecurity strategy.

Secure cloud storage is an excellent way to keep your confidential files safe in the cloud and out of the wrong hands. To learn more about our range of cloud storage solutions for businesses of all sizes, visit our product page today.