According to a New York Times report, the newspaper has been under attack from Chinese hackers for the past 4 months. Allegedly, the attacks coincided with a report the paper published in October about a relative of China's prime minister.The hackers gained access to the newspaper's computer systems and obtained passwords for reporters and other employees by way of a phishing scam. A phishing scam involves sending an email message customized for you or your business to lure you to click on a link. It typically downloads malicious code to your computer, enabling hackers to access your passwords and sensitive information.
Here are some tips to keep in mind to protect yourself and your business
1. Educate employees about malicious emails
An informed staff is your first line of defense. The problem with phishing scams is that they're engineered to look like legitimate messages. But the more suspicious your employees are, the more likely they should be to delete the message without clicking on any of the links. They should be skeptical of messages that urge them to "verify" or "update" account information.
If an employee does receive a scam email, he or she should alert you or your business IT
department so you can notify your entire team to avoid it. Many email providers and internet browsers also allow you to report suspicious emails or websites.
2. Keep your anti-virus up-to-date
One of the easiest steps businesses can take is to update their antivirus software and spam filtering, as these can help weed out potentially malicious email messages. It's also smart to make sure your computers and mobile devices are running up-to-date versions of software, with the most recent bug fixes. Many web browsers also "blacklist" sites that have been identified as known phishing offenders.
3. Update and create strong passwords
If your company does fall victim to an email scam, hackers can target your passwords -- the gateways to your sensitive professional and personal information. Make sure to create passwords that are easy for you to remember but also aren't obvious. Security professionals often recommend creating passwords that are at least 14 characters long, contain letters as well as numbers, and use upper and lower case letters.