Phishing – Everything You Need To Know

Phishing occurs when a criminal disguises malicious content in a trusted source which lures victims into providing sensitive information. They then utilise this as a bargaining tool or sell it for their own gain. This could be usernames, passwords, credit card or bank details. The sender deceives the victim by making it appear as if it has come from a trustworthy source; such as a customer, supplier, employee, manager or even government departments.

Phishing Emails:

Once you open a phishing email, there is a URL link designed to re-direct you to a site a criminal operates. This often looks very similar to a trustworthy website but it is used to steal your data. And because you believe it to be a reputable source, you fill in your details without thought that it could be used in a malicious way.

Common Phishing scams

Malware Distribution

Distributing Malware proves to be an extremely easy task for cyber criminals and is commonly done through phishing. Simply clicking a malicious link through a phishing email can result in a whole network being compromised.

CEO Fraud 

Criminals trick victims with spoof emails that are addressed from a trusted authority – such as the company CEO. This technique is more targeted and addresses the victim directly, asking for payments that are needed ‘urgently’.

If a phishing attack is successful, your business risks facing financial loss as well as gaining a bad reputation with potential customers, suppliers and clients. As a business, it is important you are pro-active with your cyber security measures to make sure these attacks are avoided as much as possible. As the consequences can be severe.

rEAL LIFE EXAMPLE:

A recent test by ‘ethical hackers’ working for Jisc (originally known as Joint Information Systems Committee) had a 100% success rate in obtaining sensitive data from 50 universities around the UK. One of the most effective approaches these ‘hackers’ used was “spear–phishing”. Emails were sent out which appeared to be from a trusted source but instead were used to obtain sensitive information about both staff and students.

Although the attack was not real, if staff were trained on the characteristics of phishing emails, it is more likely they would have been able to spot the difference and avoided the ‘breach’ altogether.

%

of cyber attacks in the past year have been due to phishing

Why it’s important to train your staff …

Recent government statistics suggest phishing attacks are the most common type of cyber breaches within businesses in the UK; responsible for 80% of cyber attacks on businesses in the past year.

Your organisation’s cyber security can’t block 100% of phishing attacks. So what happens when you receive a phishing email? How can you tell the difference between one that contains malicious content and one that doesn’t? As with most cyber attacks, it is important to understand that your employees are your second line of defence.

You could have the most up-to-date technology in place for your cyber security – but if your employees aren’t clued up, they could unintentionally click on a link that could take your whole organisation down for days. And because phishing attacks depend on human intervention to work, (ie. someone to click a link, provide details etc) training your staff is more essential than ever before to avoid fraudulent emails becoming a problem.

cybsafe can help

Cybsafe is the only organisation in the world to provide you with intelligent security training that evidently reduces your human cyber risk. When it comes to training your employees on phishing, Cybsafe take an intelligent approach, one that creates long-term habits.

At the moment, traditional phishing training is still failing to change the way employees react to potential phishing breaches. Cybsafe instead focus on specific human traits that may make individuals more liable to a phishing attack. This has been proven to give a more effective outcome when it comes to training your staff.

To find out how Cybsafe works, get in touch today! As a strategic Cybsafe partner, we can arrange a free demonstration so you can see how it will help your business to reduce your human cyber risk. 

What is VDI & What Are The Benefits?

Reviewing your current business strategy to ensure you’re getting the most out of your services & technology is an essential step, especially during these uncertain times. With more businesses currently adopting remote working as a permanent solution, VDI is an...

Business Priorities for 2021 – Review where you are!

Reviewing your businesses current position should be top priority for most organisations as we approach a new working year. By doing this you will have oversight of how your business is performing and what areas need improvement to achieve better results in the year...

Phishing Attacks – Top up your Tackle Box!

If you don’t have a robust security solution in place, you are potentially opening the door for cyber criminals to access your network and potentially your data. It’s essential to review every aspect of your business security strategy, so that it’s harder for...

The Difference between Mass Phishing & Spear Phishing

With cybercrime becoming even more challenging than ever before, it’s vital that we work together in order to lessen these attacks! Astonishingly, 80% of security breaches are down to Phishing attacks, so it’s essential that businesses familiarise themselves with the...

SMB’s Are Still Taking The Bait!

Organisations rely on digital technology as a necessity to operate as part of their daily routines and this means that data that is stored on your device is at greater risk of becoming stolen or corrupted. Cybercriminals are always trying to find new ways of...

Products to Combat Ransomware

Ransomware attacks are still the most prevalent malware threat to SMB’s and Datto have revealed that the cost of downtime is 94% greater than the previous year due to Ransomware complications.    Ransomware attacks are not only becoming increasingly more common, but...

Cyber Threats To Avoid In 2021

The increase in cyber crime has dramatically risen in the last few months as a result of the ongoing pandemic. It’s encouraged hackers to take advantage of businesses that had to adapt to new solutions in order to manage during the current climate. Organisations had...

Top 5 Security Practises That Every Business Should Know!

As the business world revolutionises, the way organisations operate will be even more dependent on digital technology to carry out essential business tasks. Operating on more advanced & sophisticated technology will generate an abundance of risks that businesses...

The Pain of using Multiple Providers

Utilising multiple providers for services may work for some organisations – or at least they think it does – however, for most businesses it is confusing, time consuming and generally not easy to manage. Streamlining your business services with one provider offers...

Streamlined Services & Support

When using multiple providers clients usually end up spending large amounts of time playing “piggy in the middle” and being passed from pillar to post when trying to resolve an issue. This can become not only very confusing and stressful, but can also negatively...

Previous

Next

Submit a Comment

Your email address will not be published. Required fields are marked *

Pin It on Pinterest

Share This