Over the course of this year, we have continued to touch on the importance of remaining vigilant in the face of multiple new and ongoing cybersecurity threats.  No time is a good time to let your guard down and UniVista wants our customers to have the tools necessary to stay safe online.  The more reliant we have become on technology, unfortunately, the more vulnerable we increasingly become.  Simply put: Cybersecurity has become a critical issue in the 21^st Century.

Did you know that when you have a Comprehensive Customer Support Agreement with UniVista, you are entitled to cybersecurity training?  UniVista uses a module-based program called KnowBe4 for ongoing customer cybersecurity training.  Our in-house training team will take into account what you, the customer, already know (or have previously trained on) and what your particular needs are, and considers that along with what current cybersecurity threats are currently out there.

This cybersecurity training is generally conducted quarterly, and the entire series of modules can take between 1 to 2 hours to complete over a 3-month period.  Before deploying a Training Module, the customer’s primary contact is given a description of what that particular quarter’s training modules will be in advance so that they can alert their team accordingly.  During the 3-month period the customer is given to complete the training modules, UniVista will send reminders along the way to help keep progress on the training moving forward.

Depending on a customer’s situation, they are typically given two training campaigns each time; one is intended for new hires, and the other is intended as more of a “continuing education” cybersecurity training.  The new hire portion is exactly as it sounds; a training security campaign that emphasizes the importance of cybersecurity for newly hired employees.  The “continuing education” module is intended to keep developing the skills necessary for an organization to keep itself, and its employees, safe online.

As we mentioned in previous blogs (https://univista.com/posts/cyber-scam-wrap-up/), your company is only as safe as its weakest link. Cybersecurity training is essential to help keep organizations further protected as most companies are unintentionally compromised from within by well-meaning employees.

Increasing amounts of activity and information are residing more on the Cloud now than ever before, therefore maintaining good online practices and following proper security procedures is the difference between an organization being compromised or not. Effective and ongoing cybersecurity training is a critical element UniVista recommends to help an organization’s employees build the skills necessary to help recognize cybersecurity threats.

If you have any questions regarding the cybersecurity training component of your UniVista Customer Support Agreement, please don’t hesitate to contact us.

In previous editions, we discussed the various forms of Phishing Attacks ( https://univista.com/posts/when-in-doubt-throw-it-out-e-g-delete-move-to-trash/ ) cybercriminals employ to take advantage of individuals and situations.  These include: Phishing Emails, Spear Phishing, Whaling Emails, Vishing/Smishing, Angler Phishing.  For a review of these techniques, please click the link above.

We frequently highlight new scams on UniVista’s Corporate Facebook page.  If you haven’t taken the opportunity to “Follow UniVista” at https://www.facebook.com/weareunivista, we highly encourage you to do so.

We wanted to wrap up this segment on cybersecurity scams with an easy to remember tip.  Firstly, human-error is the weakest link for cybercriminals.  Avoid just “clicking on things”. It’s always important to be on guard. You’re more vulnerable when you’re tired, frazzled, or distracted by work.  It’s times like these that we need to be most vigilant.

Volume and Credible Looking Attempts – Don’t take the bait!

Cybercriminals will send texts and emails with phony links that can not only cause a data breach but can also have many significant financial and legal consequences.  One technique is Prompt Bombing; in this scenario a message is sent multiple times, with a simple somewhat familiar clickthrough link, for example, from your bank, Amazon, eBay, etc.  Cybercriminals repeatedly send these malicious links with the hopes that if you receive something multiple times, and it looks somewhat familiar, you will just naively click on it to make it go away.  This scam is often done very late at night when an individual is likely tired, not at their peak performance and/or is awoken by their phone dinging on their nightstand, generally when their guard is down.  A good way to prevent this is to simply keep your phone in another room and/or turn certain notifications off, or put your phone on “do not disturb” mode at bedtime.

Another popular scam that also is used by the aforementioned “Prompt Bombing” scenario, is Impersonating Credible Sources.  In this scenario an email or text is sent from a “trusted source” that has very similar looking url’s to the original to click on.  These often mimic your credit or banking institutions, Amazon, Microsoft, etc.  Names that seem fine at first glance, but are just not quite right: “Faceboock”, “Micros0ft”, “Wells Fargoo”, etc. Usually, these are pretty easy to spot – unless you’re distracted and reading through things quickly.  The malicious link provided takes an unsuspecting victim to a “fake page” that resembles that institution’s/organization’s real page.  Often the fake page attempts to obtain the victims information, like passwords and account numbers, to gain access with later.

Multi-tasking Pitfalls.

Again, human error is typically an organization’s weakest link.  Unfortunately, individuals fall victim to these scams when they are distracted and trying to multi-task.  It’s best to make it a personal policy to never review or act upon these types of emails when you are busy doing other things.

If you have any questions on cybersecurity or how to keep your organization safe, please don’t hesitate to contact UniVista.  Additionally, for those of you who have a UniVista Support Agreement, we offer regular cybersecurity training.