wonderfully unique software solutions

Escape the phishing net with AnyDesk’s top cyberdefence tips

Phishing has proliferated and become more sophisticated over the past few years – making it essential that organisations know how best to avoid the traps, according to AnyDesk.

Stephanie Graebel, writing for the secure remote-desktop access software vendor, said: “Their techniques go beyond sending emails and include clever social engineering strategies that are sometimes hard to expose.”

Phishing emails, “smishing” text messages or “vishing” phone calls can seem like they’re from a bank, a social media site, your email provider, or your manager, yet are designed to steal data and information. So the first thing is to be educated and aware of the risk, avoiding clicking on or interacting with suspicious-seeming content

“Sometimes, there are even suspicious files attached to the email which could eventually install malware on your device,” added Graebel. “We recommend you validate the sender and check the link carefully.”

Contact attempts of which you are unsure can be checked by searching the web for reports of similar scams or phishing attempts. Most likely, other people have received the exact same scam message and have posted about it on a forum or a scamwatch website.

Fraudulent links can easily be disguised as order confirmations or tracking updates, for example. Sometimes you may be asked to download some kind of app – which might hide malware such as worms, viruses, ransomware, trojans or similar.

“When in doubt, use a search engine to look up the phone number or organisation.”

Spear phishing and whaling is when a phishing attack targets a specific individual, such as particular job role in the organisation. Only share information publicly – such as on social media – with a time delay and try to avoid revealing many details of your personal life, she said.

Then there’s pharming, where cybercriminals may take over an entire DNS server, using a legitimate domain to divert traffic to their own website, often a close replica of a real one, to steal login credentials, for example, Graebel said.

“This happened in Venezuela in 2019, where fraudsters targeted a specific website that was part of a humanitarian aid campaign,” she said. “All traffic to the site was redirected to a counterfeit twin, and, consequently, all data was stolen.”

Always check the sites you visit is HTTPS – not the less secure HTTP – before entering any data. Double-check all links and URLs before revealing any personal information.

Never give your remote access ID to anyone you don’t know, for instance. Only download product from an official source. Also, keep all software updated, including antivirus applications, and enable automated spam filtering, security training, web filtering, multi-factor authentication (MFA), and regular backups.

“Always reconfirm the authenticity of the person who wants to connect to your device. When in doubt, reject the incoming connection altogether,” Graebel said.

Professional-grade remote desktop tools should encrypt all data and comply with strict security standards to help keep organisations safe from threats such as phishing if used correctly, she added.

Remote desktop tools such as AnyDesk have additional features such as the ability to create custom clients with certain preset privileges or to manage permissions, Graebel noted.

( Image by Marcello Sokal from Pixabay )

Recent Articles

Extended detection and response (XDR) has become vital, says Stormshield

Extended detection and response technologies (XDR) have become a vitally important shield for all companies, according to sovereignty focused data, network and...

Is OSCP or CEH the best security certification for staff? CBT Nuggets explains

Deciding between Offensive Security Certified Professional (OSCP) and Certified Ethical Hacker (CEH) cybersecurity skills certifications can be "make or break" for staff,...

A look at Smartsheet Q2 highlights for business project management

The Smartsheet enterprise work management platform has rolled out a slew of updates for Q2 2024 including AI capabilities, workload tracking functionality...

Delinea integrates CIEM and ITDR with privilege control platform

Privileged access management (PAM) vendor Delinea has rolled further privilege control for cloud entitlements and identity threat protection into its cloud-native platform,...

Texthelp and n2y merge to grow global sales serving special needs

Literacy and assistive technology software vendor Texthelp and education management systems provider n2y have merged, in a move expected to retain Rothschild...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Weirdware monthly - Get the latest news in your inbox