IT Insights

What to Do When You’ve Fallen Victim to a Phishing Attack

As an IT support company in Miami we are seeing more and more incidents of Cyber attacks using very different tactics. Just in the month of December we brought on 2 new clients who had fallen victim to Ransomware attacks and hired Sabio to stabilize their environment and eradicate the infection. We can proudly state that we have not had any of our customers lose any data under our managed services program. However, it is important to know what to do in the event that you have been a victim of an attack and do not have a reliable IT company to count on for assistance.

An overwhelming number of cyber criminals launch phishing scams because they’re easy to carry out and there are plenty of tricks they can use to succeed. In fact, based on a recent study, usage of exploit kits to launch attacks has dropped by 60% in 2016, which indicates that cyber criminals prefer to infect systems via email.

Worse than falling victim to an attack is failing to take action after the fact. If, despite your business’s best efforts, you or one of your staff still falls victim to a phishing attack, here’s everything you need to do.

Disconnect your devices from the internet

If you’ve already clicked on a link that could, in a matter of minutes, install ransomware on your computer, go offline immediately. For wired connections, unplug the internet cable from your computer, and for wireless connections, disconnect from the Wi-Fi network.

This prevents your other devices from being infected and blocks further attempts to remotely access your computer and leak sensitive information. Going offline also prevents the infected computer from sending phishing links to your email contacts.

Back up all critical files

For maximum safety, back up your files on external storage devices that are solely intended for backups and unconnected to the infected devices or network. Remember that you can prevent ransomware from infecting your backups only if you’re offline. Time is crucial in this scenario, so prioritize backing up irreplaceable data like customers’ sensitive information, business financial records, and so on. If your IT company follows best practices they will create a separation between your historical backups and your existing network in order to protect your data from Ransomware and other attacks that propagate in your network. As an example, Sabio’s backup solution stores backups in the cloud completely separate from your network in order to avoid this costly situation.

Change your online account credentials

Since there’s no telling what information phishers are after, change passwords for all your online accounts, especially email, online banking, and social media, and do it from a clean computer.

Hackers will try to gain complete control of your data or systems so they would certainly attempt to change your passwords before you do. This is when multi-factor authentication would prove immensely useful, because any attempt to change your passwords will prompt a notification, whether to your mobile number or recovery email. It’s also critical to use different passwords for each account to make it difficult for cyber criminals to steal your identity.

Scan your systems for malware

After changing your passwords, run a complete anti-malware scan of your system to get rid of self-replicating malware that could spread to your network and the devices connected to it.

To ensure a thorough scan, here are some key points to remember:

  • Use a software that can scan offline
  • When uncertain, run a second scan using a different program
  • Wait for the scan to finish and do not run anything during that time

The latest anti-malware programs can detect a variety of adware, spyware, viruses, and other types of malware, but phishers may deploy highly sophisticated methods, which make tracking them difficult. If you’re unsure how best to proceed, enlist the help of cyber security experts.

Once you’re in the clear, you can restore your backups and upload recently backed up files to your system.

Re-educate staff about cyber security

Hackers are relentless and will try numerous approaches to attack your business. You stand a greater chance of fending off fraudsters by regularly conducting cyber security awareness training sessions. Simple precautionary measures like avoiding opening email, text, and social media messages from unknown senders are critical points worth reiterating.

As a business owner, it’s completely normal to assume you won’t fall victim to a phishing attack. After all, you’ve gone on for years without a single data breach incident. But once you do get attacked, one click is all it takes to infect your entire operations, which could result in business disruption, a damaged reputation, and huge costs.

Sabio Information Technologies is a Miami based IT services and support firm focusing on Small and Medium businesses, our approach is to treat all our clients’ systems as malware-prone, and we customize cyber security solutions based on their needs and environment. This is how we manage to ensure their systems are constantly protected from cyber threats, and we can do the same for your company. Call us today!