Bot malware is a growing security threat

If we talk about ‘bots’ you’d be forgiven for thinking of the amazing AI chatbots that have been all over the news lately.

But this isn’t a good news story. Bots are just automated programs, and bot malware is a worrying new security risk you need to defend your business against.

Malware bots are particularly dangerous because they steal whole user profiles – that’s a complete snapshot of your ID and settings. This potentially allows cyber crooks to bypass strong security measures like Multi-Factor Authentication (MFA).

Don’t forget your phone when you think about cyber security

Our phones are a goldmine of private information. Just think of all the financial details, personal messages, banking apps, photos and contact information that live behind that little glass screen.

And if your team use phones for work, they’ll often have access straight into company systems – email, contact lists, network access, file systems. So if they’re not kept as secure as any other device in your workplace, they can become a gaping hole in your cyber security.

Criminals know this, of course, which is why they target us through our phones just as much as they do through our networks and servers.

But cyber crime isn’t the only concern. Just losing your phone, or having it stolen, can put your data at huge risk.

Cyber attacks are getting bigger and smarter. Are you vulnerable?

Have you ever tried to buy tickets for a huge event and found that the seller’s website has collapsed under the weight of thousands of people all trying to do the same thing at the same time?

The ticket site falls over – usually temporarily – because the server is overloaded with traffic it doesn’t have the capacity for.

Criminal Distributed Denial of Service attacks – DDoS, for short – exploit the same principle.

When a DDoS attack targets a business, it floods it with internet traffic in an attempt to overwhelm the system and force it to fail.

This results in the business and its customers being unable to access services. That may trigger a temporary failure, or it could be more serious. Last year, the average DDoS attack lasted 50 minutes.

AI is making phishing scams more dangerous

AI chatbots have taken the world by storm in recent months. We’ve been having fun asking ChatGPT questions, trying to find out how much of our jobs it can do, and even getting it to tell us jokes.

But while lots of people have been having fun, cyber criminals have been powering ahead and finding ways to use AI for more sinister purposes.

They’ve worked out that AI can make their phishing scams harder to detect – and that makes them more successful.

Our advice has always been to be cautious with emails. Read them carefully. Look out for spelling mistakes and grammatical errors. Make sure it’s the real deal before clicking any links.

And that’s still excellent advice.

3 ways to protect your business email

Most cyber attacks start with an email.

So let’s show you three things you can do right now to make it harder for criminals to launch an email attack on your business.

Is your security focusing on the right things?

To protect your home from an intruder you make sure your doors and windows are all locked and secured. You might go further: build a fence around the perimeter, perhaps even get an angry-looking dog to stand guard.

But there’s no point going to all that effort if someone’s already broken in and set up camp in the basement.

Yet that’s the security policy of thousands of big businesses trying to protect their data from cyber criminals.

Getting to Grips with Email Security

Owners of small and medium-sized businesses often make the mistake of thinking that they aren’t on the criminals’ radar. But more than 40% of cyber attacks are aimed at small businesses – and email is usually the criminals’ way in.
Our new guide, ‘Getting to Grips with Email Security’, reveals why you might be vulnerable, what you need to look out for and what you can do to protect yourself.

Young employees have different attitudes to cyber crime

If you employ anyone aged between 16 and 19, you need to pay special attention to the cyber security training you’re giving your team.

A new study has revealed that a host of worrying online behaviour has become almost normalised among many young people. And much of this activity is illegal.

We’re not talking serious cyber crime such as ransomware attacks or stealing data.

But one in three 16 to 19-year-olds have admitted to digital piracy; and a quarter have tracked or trolled someone online.

Most of these behaviours may not directly affect your business. But some are so commonplace that too many young people view them as a part of everyday life.

Take action to avoid a devious new phishing scam

Another day, another scam. And this is a sneaky one.

Cyber criminals are getting smarter. This recent malware threat is unusually smart. It impersonates a highly trusted brand name to get a foot in the door.

Targets receive a convincing looking email that appears to come from a widely used e-signature platform.

Attached to the email is a blank image that’s loaded with empty svg files, which are carefully encoded inside an HTML file attachment (stay with us here).

In short, it’s very clever and it’s tricking its way past a lot of security software.

3 steps to better cloud security

Cloud services are become more common for business use. They are convenient, make working remotely easier and have more and more features added over time.

However, are you sure that your business data is secure?

Our latest video will tell you about 3 things you can do today to make sure that your data is as secure as possible