Digital Security for Mobile Service Fleets in 2019 (Are You Phish Proof?)

Want to keep your mobile fleet secure in 2019? Here is a list of things to watch out for to maintain your fleet’s data security this year. We also identify the various phishing scams that are the cause of a majority of preventable security breaches for companies.

A Credible (and Preventable) Threat

With more and more businesses and their teams sharing information and data via their smartphones, it is becoming all-too-commonplace for sensitive information to land in the wrong hands.

Businesses – and especially those with a distributed mobile service fleet, should practice extreme vigilance and prepare for mobile security threats.

Preventing Data leaks

Data (and transactional data, in particular) is of great importance to any business — it helps to quantify the success of the business and to help optimize its operations. Sadly, preventable data leaks continue to be one of the most irksome threats to the security of businesses of all kinds.

A typical data leak is often completely unintentional. These leaks occur when sensitive company information, such as account and client contact details, is transferred between devices and storage solutions. Most leaks are not malicious in nature, but rather the result of poor decision making by users who are blissfully unaware of their potentially-hazardous actions.

By making use of data loss prevention tools (DLPs) such those offered by Symantec and SecureTrust, an enterprise can, to a large extent, prevent the disclosure of sensitive information and continue to conduct business in a safe environment. Choosing safe and secure cloud-based technology to handle transactional data is the single best line of defense, particularly for mobile service businesses.

Lock Out Wi-Fi Interference

Thanks to mobile devices and Wi-Fi, we can now conduct business from just about anywhere in the world. Modern-day smartphones and tablets boast the latest in onboard-security to protect the user’s privacy at all costs.

Unfortunately, connecting to unsecured public Wi-Fi networks can compromise that privacy and security. Wi-Fi interference is becoming a common concern, whether your business has a single wireless network or multiple access points.

Research conducted by security firm Wandera found that corporate mobile devices connect to Wi-Fi networks as many as three times more than they use cellular data connections. One of the easiest and most effective ways to secure your internet connection is by making use of a trusted virtual private network (VPN). Apart from enhanced security and remote access, VPNs also allow organizations to enjoy better performance and sometimes even reduce costs.

Other Threats to Be Aware Of

The year ahead promises great technological advances and likely new threats to mobile fleet security. As users of technology, we can’t prevent large scale events like when a major wireless network is attacked— which could result in personal data of millions of users being accessed.

Responsible cloud vendors are constantly self-auditing their security practices, identifying and fixing any potential vulnerabilities.

For most companies though, it isn’t large data breaches or hacks that cause security holes. In many cases, it’s user error — a team member falls victim to a phishing scam or compromises their password security in some other way.

Are You (and Your Service Company) Phish Proof?

Phishing is one of the most common forms of cybercrime. You’ve likely been targeted by a phishing attack—and you might not even know it. In fact, more often than not, when people claim they’ve been “hacked,” they’ve in fact been phished.

What is phishing? It’s the act of collecting personal information—including bank account numbers, passwords, and usernames—through electronic means. Things like deceptive email messages, web pages, texts, and phone calls.

According to RSA’s report for the third quarter of 2018, phishing attacks made up 50% of cyber attacks this year. That number is a huge increase from 2017. That’s why it’s important to learn what the most common types of phishing attacks are, and how you can reduce your odds of falling for them.

Why it Matters for Your Service Company

It’s important for the protection of your personal and business data. As more of your company and customer information goes digital, it’s prudent to maintain some digital security best practices. To do that, a little bit of security knowledge and literacy goes a long way. This list will help you identify and prevent phishing attacks, both for you and your team.

Here’s what to watch out for.

Common Types of Phishing Attacks, Explained

Spear Phishing

One type of phishing is spear phishing, in which the message is targeted toward one person, not just anyone. Spear phishers put their target’s name in the message and try to make it look like it’s coming from a friend or colleague using a spoofed email address. They might get this information from social media, such as LinkedIn.

For instance, a spear phishing email might look like it’s coming from the accounting department at work, requesting your bank account number or home address. It might also look like it’s coming from your bank or favorite store, with a link asking you to input sensitive information, such as a password.

Whale Phishing

Whale fishing is a subset of spear phishing, as it targets “big fish,” such as CEOs and board members. After all, these individuals tend to have access to more information, like important passwords and bank account numbers, than the average person.

While it may take longer for scammers to convince these “big fish” to give up personal information, the payoff is usually better than with regular spear phishing because they often get access to personal information from the entire company, not just one person.

Vishing

Vishing is short for “voice phishing.” As you might guess, it involves the phone rather than email.

It can take the form of a phone message or call that claims to be a financial institution. It might ask you for your account number, password, or other sensitive information. The message will usually ask you to press a number to talk to a representative. Alternatively, they will provide you with a phone number to call so you can give them the information.

Either way, they may trick you into giving up personal information. With that info, they can take money from your account within minutes, making vishing a dangerous attack if you fall for it.

Snowshoeing

In snowshoeing, scammers send messages to several IP addresses and domains, with the intention of avoiding spam filters. This ensures that at least some of the emails make it into inboxes before filters identify them as spam. This is much like how snowshoes distribute weight evenly over a large area, so you don’t sink into the snow.

How to Protect Against Phishing Attacks

Arm yourself with the information you need to ensure you don’t become a victim of these. You can expect to occasionally receive emails and phone calls trying to phish for information from you. But you won’t fall for them once you know the telltale signs of phishing attacks, and what to look for:

• Spelling and grammatical errors are your first red flags
• Don’t assume you know the sender, whatever they may say
• Be wary of links and attachments
• Report suspicious emails and phone calls

Want to know more tips on preventing phishing attacks? Read more at InspiredeLearning.

9 Digital Security Tips for Service Businesses

We prepared a complete list of steps to secure your company’s data. Read Vonigo’s nine digital security tips for service businesses with mobile fleets. Learn best practices like password protocol, two-factor authorization, and safe storage your data in the cloud.

Ask Us About Our Cloud Software and Data Security for Service Businesses

Want to learn more about service business management software? We can show you how we can help keep your companies’ data secure as your company grows. Book a free, private demo of Vonigo.