Follow Jaron Linkedin
Email Jaron Email
Technology
Apr 5, 2022

How to Recognize and Reduce the Risks of Account Takeovers and Ransomware

Sponsored Content provided by Jaron Cayton - President, Team Logic IT

In the aftermath of recent cyber-attacks, many businesses are reevaluating their security protocols and implementing new procedures to help them recognize and respond to ransomware attacks. While not all attacks can be prevented, minimizing your exposure, and recovering quickly is key to protecting your business’s data and reputation.
 
What is an Account Takeover (ATO)?
Ransomware attacks are increasingly common and surprisingly easy to execute. Hackers use social engineering tactics to execute an account takeover (ATO). A common type of ATO attack is Business Email Compromise (BEC), which involves using deceptive tactics to gain control of an email account, often for the purpose of extorting funds or sensitive information. The attackers start by trolling public profiles of company employees, sifting through their Facebook or LinkedIn pages to find personal information such as birthdays, spouse’s and children’s names, and affiliations. Then, they send a deceptive email to a target to phish for the employee’s login credentials. Once the cyber criminals establish control of the employee’s email account, they set up masking and forwarding rules to hide their email activity in the compromised account, and work to gain control of the company’s computer systems.
 
Another way hackers gain access to systems is by sending a legitimate-looking email that prompts the recipient to click a link. After clicking, malicious software is installed on their computer without their knowledge. Once the employee’s computer is compromised, cyber criminals can track activity and gain access to the company’s computer systems. In the case of ransomware attacks, the perpetrators can restrict a company’s access to proprietary data and threaten to publish or destroy the information unless the ransom is paid. Mitigate the risks posed by ATO and ransomware attacks by ensuring you have sufficient employee training and security protocols in place.
 
Educate Employees on ATO
Since ATO attacks hide behind the appearance of a legitimate email account, they are notoriously difficult to combat. As savvy cybercriminals invent new ways to execute account takeovers, companies should proactively educate employees on how to recognize this threat to minimize costly fallout. 
 
ATO attacks often involve communication between two companies, such as a third-party vendor and the business it serves. As an example, a hacker may compromise a vendor employee’s account, impersonate the trusted contact via email, and attempt to gain information to breach the target company’s computer system. In many cases, there is no perceptible difference between an authentic communication and one sent after an account takeover; the phishing email appears to come from the vendor’s email address.
 
Certain security protocols can help reduce this risk. Educating employees on your established email security practices is a necessary part of preparing your company for potential attacks. Chapters of professional societies and industry associations often hold seminars and trainings on these topics. Also consider seeking professional IT consulting services to establish a formal, ongoing security training program for employees.
 
Establish and Monitor Best Email Security Practices
In addition to a strong employee training program, manage your risk by implementing the most up-to-date email security systems and performing ongoing monitoring for threats.
 
Keep in mind that legacy email security tools, such as DMARC, DKIM and SPF systems, rely on known attack signatures to recognize potential attacks, so they are not the best suited for detecting ATO attacks that impersonate a trusted email account. Implementing a preventative measure such as multi-factor authentication (MFA) is one potential solution. The best course of action is to consult with an IT security expert about the right email security tool for your business and how to strengthen your email security protocols.
 
While shoring up your defenses in house, be on the lookout for potential cybersecurity threats to arise in your extended network, too. To avoid unnecessary risk, it’s important to work only with vendors and other third parties that take security seriously and mitigate risks with appropriate email security solutions, policies, and procedures. 
 
Investing in email security now will pay off in the long run, particularly as ransomware, social engineering and ATO attacks become more widespread in our digital age. Secure systems mean less time and resources wasted managing breaches and more confidence in your brand.
 
Enlist the expertise of TeamLogicIT for help administering a cybersecurity education program, reducing your ATO exposure, and responding to any security concerns that arise.


As president of TeamLogic IT, Jaron Cayton consults with business owners and executives to enhance their IT solutions and internal communication tools. As a former educator, Jaron is skilled at teaching others to be proactive in handling cybersecurity in today’s constantly evolving marketplace. Committed to building positive customer relationships, Jaron enjoys helping clients to protect their business and assets with technology that matches their needs. Whether your company is looking for IT consulting, education, security solutions, or referrals, TeamLogicIT aims to serve as your trusted technology advisor. 
 
 

Teamlogicit 75201115261 9232135545
Ico insights

INSIGHTS

SPONSORS' CONTENT
Headshot1 2162265156

The Guiding Principles of a Credit Union

Sarah Stone - Excite Credit Union
Earuth300x300

Building and Strengthening our Local Community

Ea Ruth - Cape Fear REALTORS®
Chris coudriet

A Public Service Profile for Housing Affordability

Chris Coudriet - New Hanover County Government

Trending News

After County Plea, Treasurer ‘neutral’ On Whether Project Grace Gets Vote Next Meeting

Johanna F. Still - Aug 8, 2022

Three Locals And One Distillery Compete In Statewide Chef Showdown

Jenny Callison - Aug 8, 2022

New Hanover Community Endowment To Share Details On Grant Criteria

Staff Reports - Aug 8, 2022

In The Current Issue

Beach Equipment Rentals Sizzle

For some beachgoers, their perfect day is lazing on the shore, soaking up rays. For others, it’s water sports or maybe biking alongside the...


Film Focus: Printing The Scene

Port City Signs & Graphics "does everything for their set in the way of decals, magnets, backdrop items, canvas art, vehicle graphics and se...


Film On Rebound; New Horse Enters Race

New soundstages in Wilmington are set to be constructed toward the end of the year – marking activity that appears hasn’t happened since the...

Book On Business

The 2022 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

Trying to Grow a Business?
2020 Health Care Heroes
2020 WilmingtonBiz 100