Monday, October 9, 2017

How Important is User Education to Cyber Security?

User education is more important than basic network security, because user education stops attacks before they ever access your network. You can have the best anti-malware software available, but it won't be able to stop every attack. As malware writers improve their attack tactics, anti-malware can't keep up.

Anti-malware programs can't protect you from certain attacks, mainly phishing. Phishing is one of the most common attack vectors used today, and it has been responsible for major data breaches. An attacker sends emails to several recipients within the organization. All it takes is for one of these recipients to access a malicious site, input their user credentials, and the attacker has access to your network. No amount of anti-malware procedures can protect from this type of attack except for user education.

What Happens When Users Don't Recognize Attacks?

Several recent successful attacks have come from users falling prey to phishing. Even Google had a recent outbreak of a widespread phishing attack that spread across several education systems.

The attacker created a page that looked similar to the Google login screen and tricked users into giving them access to their accounts. Although the attacker never took advantage of account access, he could have authorized password resets and used the account information to sell on the black market.

You could ask yourself how something like this could be prevented. There is no technology that prevents this type of attack other than educating your users. The result of a successful attack can be devastating to your customers and employees, which is why user education is more important than having anti-malware software on your network.

What Can You Do to Educate Your Users?

It's not easy to educate users, because what seems like an obvious scam to you might not be so obvious to your users. They need to understand the red flags, and then apply some common sense from what they learn. The best way to educate users is to show them example phishing emails and describe the red flags.

If you have a Gmail account you probably have several phishing emails in your spam folder. You can use these to show your users what a phishing email looks like. There are several standard types like the Google lottery scam or the Nigerian prince scam, but you should show your users the emails that attempt to phish for private details such as usernames and passwords.

For instance, one common phishing scam is using a clone of PayPal. The attacker creates an email that uses the PayPal logo and tells the user that PayPal requires them to reset their password. If the user falls for the scam, the attacker has their PayPal username and password, and he can log in and steal their money. This attack is very similar to what happens when the attacker focuses on a corporate network, so it's a good example to show your users.

After you have some phishing emails collected, you can show users the common red flags, which include:
   Shortlinks included in the email message
   Hovering the mouse over a link shows a domain different from the official PayPal domain
   Poor English spelling and grammar
   The sender's address is from a free email account such as Gmail, Hotmail, or Yahoo
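The red flags above can be turned into a simple checklist that a mail administrator or trainer runs over a suspicious message before using it in an awareness session. The script below is an added illustration, not code from the original post or from Bit by Bit Computer Consultants. It assumes a single "official" domain (paypal.com, matching the example above), a small hand-picked set of free-mail providers and URL shorteners, and two constructed sample emails; the spelling-and-grammar flag is left to the human reviewer because it cannot be judged reliably offline.

```python
"""Check an email for the phishing red flags from the list above.

Flags reported: sender from a free-mail provider, shortlinks, links whose
real host is not the official domain, and links whose visible text names a
different domain than the one the link actually points to (the "hover" check).
"""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions for this example (not values from the original post).
OFFICIAL_DOMAIN = "paypal.com"
FREE_MAIL_DOMAINS = {"gmail.com", "hotmail.com", "yahoo.com", "outlook.com"}
SHORTENER_DOMAINS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs from every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registrable(host):
    """Crude registrable-domain reduction: keep the last two labels of a hostname."""
    return ".".join(host.lower().split(".")[-2:]) if host else ""


def domain_in_text(text):
    """Return the registrable domain of a URL or hostname written in link text, or ''."""
    m = re.search(r"(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})", text)
    return registrable(m.group(1)) if m else ""


def message_body(msg):
    """Return the first text/html or text/plain part of the message as a string."""
    for part in msg.walk():
        if part.get_content_type() in ("text/html", "text/plain"):
            raw = part.get_payload(decode=True) or b""
            return raw.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def phishing_red_flags(raw_message):
    """Return a list of human-readable red flags found in an RFC 822 message string."""
    msg = message_from_string(raw_message)
    flags = []

    # Red flag: sender address is on a free email service.
    _, sender = parseaddr(msg.get("From", ""))
    sender_domain = sender.rpartition("@")[2].lower()
    if sender_domain in FREE_MAIL_DOMAINS:
        flags.append(f"sender uses a free mail provider: {sender_domain}")

    extractor = LinkExtractor()
    extractor.feed(message_body(msg))
    for href, text in extractor.links:
        host = registrable(urlparse(href).hostname or "")
        if host in SHORTENER_DOMAINS:
            flags.append(f"shortlink in message: {href}")
        elif host != OFFICIAL_DOMAIN:
            flags.append(f"link points off the official domain: {host}")
        # The "hover" check: visible text names one domain, the href another.
        shown = domain_in_text(text)
        if shown and shown != host:
            flags.append(f"link text shows {shown} but points to {host}")
    return flags


# Constructed sample messages for training and for the test below.
SAMPLE_PHISH = """From: "PayPal Support" <paypal.security.team@gmail.com>
To: employee@example.com
Subject: Urgent: Your account has been limited
Content-Type: text/html; charset=utf-8

<html><body>
<p>Dear custumer, we has detected unusual activity on you account.</p>
<p><a href="http://bit.ly/xyz123">Reset password now</a></p>
<p>Or visit <a href="http://paypal.com.account-verify.example.net/login">https://www.paypal.com/</a></p>
</body></html>
"""

SAMPLE_CLEAN = """From: "PayPal" <service@paypal.com>
To: employee@example.com
Subject: Your monthly statement
Content-Type: text/html; charset=utf-8

<html><body><p>View it at <a href="https://www.paypal.com/">https://www.paypal.com/</a></p></body></html>
"""

if __name__ == "__main__":
    for line in phishing_red_flags(SAMPLE_PHISH):
        print("RED FLAG:", line)
```

Running the script prints four flags for the constructed phishing message (free-mail sender, a bit.ly shortlink, a link whose real host is example.net, and visible text claiming paypal.com for that same link) and nothing for the clean one. The registrable-domain reduction is deliberately crude; it is enough to show users why "paypal.com.account-verify.example.net" is not PayPal, which is the point of the hover check.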

In addition to training users to recognize red flags, you should also train them to report suspicious emails. The email administrator can block future attacks from the sender based on the sender address or the email content. It also lets IT know that someone is attacking the corporation, and managers can be alerted in case of a spear phishing attack, which is an attack that targets high-level executives.

Even if it seems like a waste of time, educating users can have a huge positive effect on your network's security. You can stop attacks before they become major data breaches. These breaches affect your corporate brand and customer trust. By educating users, you have a stronger security system in place.

For help with implementing this or other technology solutions contact:

Robert Blake
Bit by Bit Computer Consultants
721 N Fielder Rd. #B
Arlington, Texas 76012 
Direct 817.505.1257
Mobile 972.365.7010