Cyber Security
Sappi

When we all work together to spot and stop cyber threats, shady characters on the internet don’t stand a chance.

Digital security, who’s this

So, what exactly is digital security?

In a nutshell, digital security means protecting your computer, mobile devices, tablets, and any other Internet-connected devices from intruders, which could be in the form of hacking, phishing, and other threats.

Recently, Sappi experienced a cyber-attack after an employee opened an attachment in an unsafe email, thereby inadvertently exposing the company to a dangerous virus.

Of course, we’re all only human and mistakes happen. But if we know what to look for and stay vigilant, we can outsmart hackers, cybercriminals, snoopers and other shady characters every time.

How to identify unsafe emails

Look for the following red flags in your emails to separate the safe from the sketchy.

01

The email address seems incorrect

Always check whether the email address matches the name of the sender and whether the domain of the company is correct. Does the spelling and punctuation of the email match previous mails from the specific sender? Any errors or deviations are clear red flags, and you should almost certainly not open any attachments or click on any links.

02

The sender doesn’t seem to know you

Are you being addressed as you would expect from the sender? Is your name spelled out in the mail? Does the signature match how the sender would usually sign mails to you? If the email is legitimate, all of this information should check out. For example, your bank would typically address you by your proper details, not in a generic way like “Dear Customer”.

03

The email is unexpected and unfamiliar

If you’ve never received a similar type of mail from the source before, it’s best to play it safe. If there is a link in the mail, rather go directly to the company’s website instead of clicking on it. If you feel that things don’t check out, report the mail to IT or to PhishingReport@sappi.com.

Another good idea is to analyse any suspicious files, URLs, IPs and domains on VirusTotal.com – a super user-friendly portal that instantly detects malware and other breaches in an instant.

04

The language, spelling and grammar seem “off”

Is the email full of spelling errors? Does it look like someone used an online translation service? These are tell-tale signs that an email is not legitimate.

05

There is a sense of urgency

Scam emails often contain “urgent” requests, using language such as “IMMEDIATE ACTION REQUIRED” or “ACT NOW”. This is because scammers know that you’re more willing to act on an email from, for example, your boss when it contains urgent or immediate action.

So what do I do if an email seems suspicious?

01

DON’T CLICK ON ANYTHING!

If anything about an email seems off, remember not to click on any links, open any attachments or provide any personal or company information.

02

Report, report, report

Report any suspected phishing emails to PhishingReport@sappi.com, or by clicking on the Phish Alert button in your menu bar on Outlook.

03

Remember the golden rule

When it comes to potential email scams, it’s always better to be safe than sorry. If anything looks even remotely suspicious, rather play it safe and report it.

More tips & tricks to stay safe online

Whether you’re using the internet at work or privately, always remember the following tips to stay safe in the cyberspace.

01

Keep personal and company information private

Sensitive information such as your home address, any other personal details and confidential company information should never be shared online. You wouldn’t share this info with strangers individually, so don’t hand it out to millions of people online.

02

Practice safe browsing

Cybercriminals love to use lurid content as bait, where one click could expose personal data or infect your device with malware. By resisting the clickbait and not visiting these dangerous sites, you don’t even give hackers a chance.

03

Don’t connect to free or public Wi-Fi

Connecting to free Wi-Fi carries a risk, and it is best to avoid this if possible. If you do need to use free Wi-Fi, do not use your online banking or business apps – rather wait until you have access to a private connection.

04

Choose strong passwords

Stay away from passwords that are easy for hackers to guess, such as “password” or “1234”. Always select strong passwords that are hard to demystify, with a minimum of 8 characters, special characters and numbers – as per the Sappi guidelines.

05

Only make online purchases from secure sites

Only supply credit card or bank account information to known and trusted sites that provide secure, encrypted connections. Always look for a padlock symbol next to the URL, make sure that the site supports a privacy policy and that they accept all major payment methods. If the site has many pop-ups, redirects you to other shady-looking websites, or only accepts bank transfers or wire payments, you should avoid providing your banking details at all costs.

Cyber Security is a team sport
Sappi