Databranch Monthly Tech Talk
IT Solutions for the Workplace
July | 2022
How Often do you Need to Train Employees on Cybersecurity Awareness?
You’ve just completed your annual phishing training where you teach employees how to spot phishing emails. You’re feeling good about it, until about 5-6 months later when your company suffers a costly ransomware infection because someone clicked on a phishing link.

You wonder why you need to train on the same information every year and yet still suffer security incidents.

The problem is that you’re not training your employees often enough.

People can’t change behaviors if training isn’t reinforced regularly. They can also easily forget what they’ve learned after several months go by.

So, how often is often enough to improve your team’s cybersecurity awareness and cyber hygiene?

A recent study found that training every four months is the “sweet spot” for keeping employees’ phishing-detection skills consistently high.

Employees were tested at several different time increments:
  • 4 months
  • 6 months
  • 8 months
  • 10 months
  • 12 months

It was found that four months after their training, they were still able to accurately identify and avoid clicking on phishing emails.

However, after six months their scores started to get worse, and they continued to decline the longer it had been since the initial training.

So, to keep employees well prepared to act as a positive agent in your overall cybersecurity strategy, it’s important they get training and refreshers regularly.

Tips on What & How to Train Employees to Develop a Cybersecure Culture

The gold standard for employee security awareness training is to develop a cybersecure culture. This is one where everyone is cognizant of the need to protect sensitive data, avoid phishing scams, and keep passwords secured.

Unfortunately, this is not the case in most organizations. According to the 2021 Sophos Threat Report, one of the biggest threats to network security is a lack of good security knowledge and practices.

The report states, “A lack of attention to one or more aspects of basic security hygiene has been found to be at the root cause of many of the most damaging attacks we’ve investigated.”

Well-trained employees significantly reduce a company’s risk of falling victim to any number of different online attacks.

To be well-trained doesn’t mean you have to conduct a long day of cybersecurity training every four months. It’s better to mix up the delivery methods.

Here are some examples of engaging ways to train employees on cybersecurity that you can include in your training plan:
  • Self-service videos that get emailed once per month
  • Team-based roundtable discussions
  • Security “Tip of the Week” in company newsletters or messaging channels
  • Training session given by an IT professional
  • Simulated phishing tests
  • Cybersecurity posters
  • Celebrate Cybersecurity Awareness Month in October

When conducting training, phishing is a big topic to cover. Click here to learn more about how our continuous security awareness training program can benefit your business.
How Using the SLAM Method can Improve Phishing Detection
Why has phishing remained such a large threat for so long? Because it continues to work.

Scammers evolve their methods as technology progresses, employing AI-based tactics to make targeted phishing more efficient.

If phishing didn’t continue returning benefits, then scammers would move on to another type of attack. However, that hasn’t been the case. People continue to get tricked.

In May of 2021, phishing attacks increased by 281%. Then in June, they spiked another 284% higher.

Studies show that as soon as 6 months after a person has been trained on phishing identification, their detection skills can begin waning as they forget things.

Give employees a “hook” they can use for memory retention by introducing the SLAM method of phishing identification.

What is the SLAM Method for Phishing Identification?

SLAM is an acronym for four key areas of an email message that should be checked before trusting it.

These are:

S = Sender
L = Links
A = Attachments
M = Message text

By giving people the term “SLAM” to remember, it’s quicker for them to do a check on any suspicious or unexpected email without missing something important.

All they need to do is run down the cues in the acronym.

S = Check the Sender

It’s important to check the sender of an email thoroughly, and that means the actual sending address, not just the display name. Most mail clients show the display name prominently, and a scammer can set it to anything, including a legitimate-looking name or address, while the real address sits behind it.

Often scammers will either spoof an email address or use a look-alike address that people easily mistake for the real thing, such as a domain with the digit 1 in place of the letter l, or the company name with an extra word bolted on.

L = Hover Over Links Without Clicking

Hyperlinks are popular in phishing emails because a link carries no malicious file at delivery time, so filters that scan attachments for malware have nothing to detect; the harmful content is only fetched when the link is clicked.

You should always hover over links without clicking on them to reveal the true URL.

This often can immediately call out a fake email scam, because the link points to a strangely named or misspelled website. Read the domain from the right-hand end of the host name, not the left: a link to example.com.login-portal.net belongs to login-portal.net, not to example.com.

A = Never Open Unexpected or Strange File Attachments

Never open strange or unexpected file attachments, and make sure all attachments are scanned by an antivirus/anti-malware application before opening. A clean scan is a useful check but not a guarantee; if an attachment is unexpected, confirm with the sender through a channel other than the email itself, such as a phone call, before opening it.

M = Read the Message Carefully

If you rush through a phishing email, you can easily miss some telltale signs that it’s a fake, such as spelling or grammatical errors, a greeting that doesn’t match how the sender normally addresses you, or pressure to act immediately. Keep in mind that polished, error-free phishing is now common (the AI-assisted scams noted above are one reason), so a clean message is not on its own evidence that it is genuine.
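The four SLAM checks can also be run mechanically over a raw message, which is a useful way to see what each letter is really asking for. The script below is an added example written for this edition; it is not code from the original article or from Databranch. The phishing message it parses is constructed for the demonstration, the trusted domain example.com is an assumption, and the look-alike character folding, risky extension list and pressure phrases are illustrative rather than complete.

```python
"""Mechanical pass over the SLAM checklist for one raw email. Added example, not code
from the original article; TRUSTED_DOMAIN, the sample message and the lists are assumptions."""
import email
import re
from email.utils import parseaddr
from urllib.parse import urlparse

TRUSTED_DOMAIN = "example.com"  # assumed: the domain the recipient expects mail from
# Illustrative lists, not exhaustive: types that run code when opened, and pressure phrases.
RISKY_EXTENSIONS = {".exe", ".js", ".vbs", ".scr", ".hta", ".html", ".iso", ".docm", ".xlsm"}
URGENCY_PHRASES = ["immediately", "urgent", "within 24 hours", "verify your account"]
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)
URL_IN_TEXT_RE = re.compile(r'https?://[^\s<"]+')

# Constructed phishing sample: the display name carries a genuine-looking address,
# the link text and href disagree, and the attachment hides .exe behind .pdf.
PHISH_RAW = """\
From: "IT Support it-support@example.com" <helpdesk@examp1e-support.net>
Subject: URGENT: password reset required
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html

<p>Your mailbox is over quota. Verify your account
<a href="http://example.com.login-portal.net/reset">here: https://example.com/reset</a> immediately.</p>
--b1
Content-Type: application/octet-stream; name="Invoice.pdf.exe"
Content-Disposition: attachment; filename="Invoice.pdf.exe"

AAAA
--b1--
"""

def registrable_domain(host):
    # Crude last-two-labels owner: example.com.login-portal.net belongs to login-portal.net.
    return ".".join(host.lower().strip(".").split(".")[-2:])

def fold_confusables(text):
    # Fold a few look-alike characters so examp1e and rnicrosoft read as the brand.
    return text.lower().replace("rn", "m").replace("1", "l").replace("0", "o")

def check_sender(msg):
    # S: judge the address that actually sent the mail, never the display name.
    findings = []
    display, addr = parseaddr(msg.get("From", ""))
    addr_domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    if addr_domain != TRUSTED_DOMAIN and TRUSTED_DOMAIN in display.lower():
        findings.append(f"display name claims {TRUSTED_DOMAIN} but real address is {addr}")
    brand = TRUSTED_DOMAIN.split(".")[0]
    if brand not in addr_domain and brand in fold_confusables(addr_domain):
        findings.append(f"sender domain {addr_domain} is a look-alike of {TRUSTED_DOMAIN}")
    return findings

def check_links(html):
    # L: where each link really goes (the href) versus what its text shows.
    findings = []
    for href, text in LINK_RE.findall(html):
        real_host = urlparse(href).hostname or ""
        if registrable_domain(real_host) != TRUSTED_DOMAIN:
            findings.append(f"link goes to {real_host}, owned by {registrable_domain(real_host)}")
        shown = URL_IN_TEXT_RE.search(text)
        if shown and (urlparse(shown.group(0)).hostname or "") != real_host:
            findings.append(f"link text shows {shown.group(0)} but href is {href}")
    return findings

def check_attachments(msg):
    # A: executable types, and double extensions meant to disguise them.
    findings = []
    for part in msg.walk():
        if part.get_content_disposition() != "attachment":
            continue
        name = part.get_filename() or ""
        ext = "." + name.lower().rsplit(".", 1)[-1] if "." in name else ""
        if ext in RISKY_EXTENSIONS:
            findings.append(f"attachment {name!r} is a {ext} file")
        if name.count(".") > 1:
            findings.append(f"attachment {name!r} uses a double extension")
    return findings

def slam_check(raw):
    # Run all four checks; each key holds that letter's findings (empty list = nothing seen).
    msg = email.message_from_string(raw)
    text, html = [msg.get("Subject", "")], []
    for part in msg.walk():  # M reads the subject plus every non-attachment text part
        ctype = part.get_content_type()
        if part.get_content_disposition() == "attachment" or not ctype.startswith("text/"):
            continue
        body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        if ctype == "text/html":
            html.append(body)
        text.append(re.sub(r"<[^>]+>", " ", body))
    lowered = " ".join(text).lower()
    return {"S": check_sender(msg), "L": check_links("".join(html)),
            "A": check_attachments(msg),
            "M": [f"pressure phrase {p!r}" for p in URGENCY_PHRASES if p in lowered]}
```

Run slam_check(PHISH_RAW) and every letter comes back with findings: the display name names example.com while the real address is on a look-alike domain, the link’s text and its target disagree and the target is owned by login-portal.net, the attachment is an .exe behind a double extension, and the subject and body carry pressure language. An ordinary plain-text message from a colleague at the trusted domain returns four empty lists. The output is a prompt for a human to look harder, not a verdict; a legitimate file named report.final.pdf would also trip the double-extension check, which is the right trade-off for a triage aid.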

Get Help Combatting Phishing Attacks

Both awareness training and security software can improve your defenses against phishing attacks. Contact us today at 716-373-4467 x 15 or info@databranch.com to discuss your email security needs.

Article used with permission from The Technology Press.
Technology Trivia

How are you supposed to pronounce “GIF”?

The first person to email us at info@databranch.com and give a correct answer gets a $25 Amazon Gift Card!
Need a Laugh?

What shoes do computers love the most?
 
Re-boots!

If you were forwarded this email from one of our great Databranch clients and would like to receive future updates, reply to this email and we will add you to the list!