April - 2015 - issue > CXO INSIGHT

Your SMB's Biggest Security Threat Could be Sitting in Your Office

Luke Walling, VP & GM of SMB, Avast Software

Wednesday, April 1, 2015

Forward

Luke Walling, VP & GM of SMB, Avast Software

Security threats are evolving quickly, making it difficult to pinpoint just one threat that is currently affecting small and mid-size businesses. From the threats we have observed in the past and the ones we anticipate for the future, we have learned that while malware can be damaging to businesses, so can human decisions. This makes it vital for small and mid-size business owners to discuss possible threats with their employees and share basic IT guidelines with them, but more importantly, to implement a strong security solution that holds up dangers before they become a real threat.

Taking Advantage of Human Nature: Social Engineering

Hackers understand that it is human nature to make mistakes, which is why they often turn to social engineering. Social engineering is a tactic that tricks people into revealing their personal information, like log in details, or into performing actions, like downloading malware disguised as an attachment or link.

Phishing emails are a popular form of social engineering that can easily sneak their way into your employees' inboxes, disguising themselves as yet another offer, promotion, or even customer, if you do not have anti-phishing protection. Phishing campaigns come in many forms; they can either use scare tactics to make people believe they are in trouble or that they have won a prize.

In the last few months we have seen Trojans like Pony Stealer and Tinba make their rounds. Both Pony Stealer and Tinba attempted to convince people they owed money and to download an invoice, which was of course not an actual invoice, but a trojan.