5 Seemingly Innocent Download Habits Your Employees Must STOP Now To Avoid A Ransomware Attack

Apr 7, 2023 | Blog


Once upon a time, you could install antivirus software and go about your merry way online and in your inbox, opening, clicking, and downloading files without care.

Today, an antivirus alone cannot and will not protect you, especially if you INVITE the hack by downloading a file that is infected with a piece of code designed to circumvent your security protocols. Whether it’s a personal computer, phone, or laptop you use for business, here are 5 things you need to STOP doing now to ensure you don’t get hacked.

1. STOP downloading apps from unknown sources.

There are thousands of free apps available online that are very tempting to download. Hackers are masters at exploiting curiosity and using “click bait” designed to catch you in a moment of weakness. To prevent rogue apps and programs from installing, configure your devices to disallow the installation of programs from unauthorized sources. On your phone, ONLY download apps from your device’s respective app store, where apps are tested and required to meet the store’s security and privacy requirements.

Business owners: while I’m sure all of your employees are trusting souls, it IS possible (and recommended) to have business machines locked down, preventing your employees from downloading any applications (or files) that could harm you and compromise your security.
The NIST 800-171 recommendation is to limit access to privileged users only. That means your employees should not be able to download and install software as they wish. Even you, as the CEO, should not. A best practice is to have a separate account with the privilege to install applications on company devices.

2. STOP surfing the web unprotected, particularly when using publicly available Wi-Fi.

This is particularly true if you are on public WiFi. Starbucks is not going to guarantee your Internet connection is safe, nor is any other business, restaurant, or location offering free Internet access. Talk to your IT company (that’s US!) about installing not just antivirus but endpoint protection solutions, such as advanced Endpoint Detection and Response (EDR) and a company-provided Virtual Private Network (VPN) connector, that will “hide” you from cybercriminals and filter out nefarious websites and attacks so you CAN use public WiFi without the fear of inviting a hack.

3. STOP opening and downloading files e-mailed to you without evaluation and caution.

Phishing attacks via e-mail are still the #1 way hackers gain access to a network. It’s very common for an attacker to hack into someone’s e-mail, get their list of friends, colleagues, coworkers, and their boss, and send e-mails that appear legitimate on “their” behalf, even using their actual e-mail – these are highly sophisticated phishing attacks. So, before you open or download ANY file e-mailed to you (including a PDF or a potential proposal opportunity), make sure it was one you were expecting. (Watch this video of a real proposal hoax.) It’s far safer to use IT-managed file sharing like OneDrive, SharePoint or Citrix ShareFile to send attachments. But the bottom line is this – ask yourself, “Why has this file been sent to me, and who is sending me this file?” If ANYTHING “feels” wrong or suspicious about a file download, including a weird extension or suspicious file name, CALL the person who sent it to verify, and ask them where and how they got the file if it is a solicitation, RFQ, RFI, or another procurement-related opportunity. Some folks are just trying to help but are unknowingly sending and propagating infected files. Trust me, it happens to me. See the video link above.
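The “weird extension or suspicious file name” check can also be applied automatically, for example at a mail gateway or help desk. The following is an added example, not part of the original post; the function name `triage_attachment` and the extension lists are assumptions chosen for illustration and are not exhaustive.

```python
import unicodedata

# Constructed, non-exhaustive lists (assumptions for this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".jse", ".vbs",
                   ".wsf", ".hta", ".lnk", ".ps1", ".msi", ".jar", ".iso", ".img"}
MACRO_EXTS = {".docm", ".xlsm", ".pptm", ".xlam"}   # Office files that can carry macros
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def _is_hidden(ch: str) -> bool:
    # Cf/Cc covers invisible format and control characters, including U+202E
    # (right-to-left override), which makes "fdp.exe" display as "exe.pdf".
    return unicodedata.category(ch) in ("Cf", "Cc")


def triage_attachment(filename: str) -> list[str]:
    """Return the reasons an attachment name should be verified with the sender."""
    reasons = []
    if any(_is_hidden(ch) for ch in filename):
        reasons.append("hidden control or direction-override character in name")
    clean = "".join(ch for ch in filename if not _is_hidden(ch))

    # A long run of spaces pushes the real extension out of the visible column.
    if "   " in clean:
        reasons.append("whitespace padding before the extension")

    # Every dot-separated suffix, normalised: "a.pdf   .SCR" -> [".pdf", ".scr"]
    exts = ["." + part.strip().lower() for part in clean.split(".")[1:]]
    final = exts[-1] if exts else ""

    if final in EXECUTABLE_EXTS:
        reasons.append(f"runs code when opened ({final})")
    if final in MACRO_EXTS:
        reasons.append(f"macro-enabled Office file ({final})")
    # A document-looking suffix followed by a different real type: "invoice.pdf.exe"
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS and final not in DECOY_EXTS:
        reasons.append(f"double extension: looks like {exts[-2]}, is really {final}")
    return reasons


if __name__ == "__main__":
    # Constructed sample names, not taken from any real incident.
    for name in ["Q2 proposal.pdf", "invoice.pdf.exe", "RFQ_\u202efdp.exe",
                 "RFQ 2023.pdf      .scr", "budget.xlsm"]:
        print(repr(name), "->", triage_attachment(name) or "no flags")
```

An empty result only means the name itself is unremarkable; the advice to confirm unexpected files with the sender still applies.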

4. STOP downloading “bloatware.”

It’s common for legitimate, reputable apps to sneak in other applications or toolbars you don’t need. They sell this as a sponsorship to make more money every time one of their users downloads an app. The best way to spot these is to look for checkboxes when installing that automatically opt you into services by default. Some even change where the “Next” button is located just to make sure you accidentally say yes. So, before you hit “Next” and keep rolling to get your app installed, take a second to really read and review what you’re agreeing to when installing that new app.

5. STOP downloading music, software, games, movies, and the like from websites like BitTorrent, RARBG, 1337x, and similar peer-to-peer file-sharing sites.

It’s very common for file-sharing networks to be breeding grounds for hackers who post files infected with malicious software for people to download. Some of the ads on these sites are malicious as well. Don’t feel “safe” just because you have antivirus – because you’re not.

Business owners: after showing this to your team for both their work and personal devices, click here to schedule a quick 10-minute call to find out how we can implement security systems that will give you stronger protections against hackers and against employees who accidentally click on or download a malicious file. We have controls to implement CMMC 2.0, NIST 800-171 R2, and other requirements to keep your business secure from cybercriminals and known state actors.

