Preparing for phishing attacks can keep nonprofits protected

June 6, 2013

Preparing for phishing attacks can keep nonprofits protected

Nonprofits often have a lot of information stored in their virtual infrastructure, including personal data about donors, confidential financial statements and plans for expansion. The last thing any organization needs to deal with is a phishing attack that infects all devices on the nonprofit's network with viruses that install malicious software. Needless to say, protection against these attacks should be a top-of-mind priority for IT professionals at all organizations.

Phishing attacks are becoming more prevalent
Managers at nonprofits need to ensure that everyone on the team is aware of best practices for dealing with foreign email addresses and messages that seem suspicious. Recent research from security-as-a-service provider Proofpoint revealed 58 percent of IT professionals said their organization had been the target of email spear phishing attacks within the past 12 months, while 56 percent stated their organization may have also experienced another potential targeted attack or advanced persistent threat.

With more than half of IT security professionals suspicious of attacks, nonprofits have to make sure everyone within the organization is aware of how to identify potential threats, especially when navigating their email inboxes. Sixty-five percent of respondents at organizations with more than 1,000 employees said they were more likely to be the target of a phishing attack.

"These figures underline the fact that data theft continues to be a huge problem and that the organizations that perpetrate crimes involving data are becoming more and more sophisticated," said Gary Steele, CEO at Proofpoint. "The corollary is that more sophisticated defenses are needed."

Protection from spear phishing should be a priority
Many phishing attacks aren't created to infiltrate the virtual infrastructure of one entity, they usually try to seek out as many victims as possible, but there are threats that are more targeted attack, known as spearing phishing. These attacks go after one particular user or organization by posing as email users that seem legitimate, according to Tech Republic.

Cybercriminals often seek out public social media profiles or other information platforms to learn about their target before launching a spear phishing attack. Many hackers who go after a particular nonprofit have a reason, and all members of the team need to be prepared. The website said It's important that email users remain vigilant and they all know how to detect potential attacks. Here are some tips: 

  • Don't trust embedded links: Many email users are too trusting of links that are in emails. Organizations need to teach their team that phishing attacks are often launched by clicking a link, which leads to a malicious domain. Even if the link is believed to be legitimate, users should type the link manually into the browser to avoid a potential attack.
  • Be wary of attachments: Phishing experts use attachments to lure email users into an attack. Any time an attachment is received, it's important to call the sender to tests its legitimacy. Hackers have been known to embed attachments into spoofed emails, making them seem more trustworthy.
  • Threats can be a dead giveaway: Many phishing attackers try to use scare tactics to get email users to falling into their trap. The website stated messages that warn of harsh consequences without completing an action are a common strategy computer hackers use. Managers at nonprofits should warn their team not to follow directions in such emails, even if they seem like they're from a trusted sender.
single-post2268

Ready to chat?
Get in touch today to request a no-obligation savings evaluation.

Testimonials

NYCON members who use First Nonprofit’s programs enjoy enduring savings and improved efficiency. Our association knows that success, because from the beginning, we achieved the same great benefits. Great savings, seamless technology, and responsive service. NYCON highly recommends First Nonprofit’s remarkable unemployment solutions.

New York Council of Nonprofits, Albany, NY

We were introduced to First Nonprofit through another housing authority. In our analysis and comparison to what we were paying the State, our first year savings was $5,800 plus. We have been with them since the end of 2008 and I am glad we have been. I consider them an arm of our HR department.

Kankakee County Housing Authority, Kankakee, IL

Because INCS advocates for the operating conditions that allow charter public schools to provide high quality public education, partnering with First Nonprofit was an easy decision. First Nonprofit’s unemployment programs provide our member schools two operating elements crucial to their ability to provide high quality public education: savings and budget certainty. Capable, committed teachers are the key to student success. By participating in the unemployment insurance savings plan, charter public schools gain peace of mind and are able to invest more money in their teachers.

Illinois Network of Charter Schools

Throughout our membership in the Unemployment Savings Program, First Nonprofit understood our demands, community dynamics, and the importance of seamless services; that allowed us to serve our constituents better.

Hugh Parry, Retired President of Prevent Blindness America