Cybercriminals often target you, when you on vacation and offline for longer periods. The attackers gathers key information about how long you will be out of the office, your office locations, they may use your co-worker or assistant to perform social engineering against your firm. They can use the out-of-office message to attack your business.
The cybercriminals uses different ways to target you; they gather information about you and your business from different social media sites and plan their attack. You can use different methods to stay protected during vacation. Given are some ways to stay secured and protected.
UEBA settings to spot unusual holiday behavior
User and entity behavior analytics (UEBA) is one of the best technologies you can use during vacations to looks for multiple concurrent logins, impossible logins based on geography, unusual file access as well as password spray techniques. This technology is improving to provide you total data security. It will help in identifying and preventing malicious activities.
UEBA can trigger an alert to the owner when a new device and location is detected. It also specifies the numbers of login failures and delays the login by forcing re-authentication across the end-users.
Fighting targeted, macro-delivered attacks
Emotet is a type of malware that uses various attack methodologies to gain access to your systems. The infection usually comes with malicious script, macro-enabled document files, and malicious links. These malware uses macros to launch the attack and Microsoft office documents are a potential carrier of such malicious macros.
So before going on vacations, it is vital to protect your system from malicious macros. Ensure that your office patches are up-to-date. If you are using excel and word enable macros than you should follow the following settings in your office programs before leaving for a vacation.
- It is vital to disable Office macros either word, excel and others
- Keep it enabled for the specific apps
- Keep it enabled for the staff that relies on it to work.
- Update your entire system before leaving.
- Install the latest version of the office in your system.
- Use anti-malware products that incorporate with your window.
- Use the two-factor authentication process for logins.
- Train your employees about the warning messages and how to enable and not enable office files.