Cybersecurity Threats Facing Not-For-Profits
When the media covers cyberattacks, ransomware, and hacking, the focus is usually on for-profit companies with millions (or billions) in revenue.
But don’t be fooled: any organization with funding, customer (or donor) information, and mission-critical data is at risk, including your not-for-profit. According to the Identity Theft Resource Center, data breaches were up 38 percent in the second quarter of 2021.
To maintain network security, remind your team to use utmost care when responding to emails and clicking links. Here are a few of the most popular hacks targeting your busy staffers:
Phishing: Phishing gets users to divulge key information, usually via emails and texts that look legitimate. Embedded links lead to fake websites where users are asked to enter passwords, financial information, or other protected data.
Spear phishing is more sophisticated. With spear phishing, a particular set of users is researched and targeted, so emails and other communications appear to be from a friend, colleague, or boss, meaning recipients are more likely to respond with the information requested.
Brute force: This type of attack applies computing power to try repeated logins using millions of combinations of letters, numbers, and symbols. This is especially effective with shorter, common passwords.
Social engineering: Think all those online quizzes and polls are just for fun? Hackers use social platforms to collect data using seemingly innocuous games. By compiling enough data, they can mimic user behavior and gain network access by changing login credentials.
Keylogging: This requires a bit of malware to capture your keystrokes. Usually a user downloads the malware unintentionally by clicking what appears to be a legitimate upgrade to a well-known application or by downloading an infected file.
Shoulder surfing: As the name implies, this hack involves stealing a person’s credentials by physically watching them. Crowded public areas provide the proximity needed for this hack.
Safeguarding your organization from the threat of cybercrime is all about preparation. With the right employee training, safeguards, software, and vigilance, you can minimize the risks — and be assured that if a breach does occur, you’ll be well-positioned to recover quickly.
Dembo Jones team of not-for-profit specialists can conduct a thorough evaluation of the financial and cyber threats to your organization — to help prepare you for the worst and still allow you to thrive in the pursuit of your mission. Contact us today.