If you’re concerned about cyber security then phishing should be high on your worry list. That’s because phishing is one of the most common causes of cyber security breaches on the planet. In order to remain vigilant against this hacker’s technique, your entire workforce must be aware of how to prevent phishing, and the consequences of falling prey to an attack.
Let’s look at creating an office culture that focuses on to preventing these cyber threats.
Phishing typically takes the form of fake emails designed to unleash a virus in your computer or steal personal information. Global security firm Symantec says 54.3% of all emails generated are spam with a potentially malicious intent.
Some of the phishing techniques today include:
- Embedding a link in an email that takes you to an external site and asks you to enter information.
- Attaching a file to an email that spreads a virus.
- Requesting sensitive information via faked credentials that look very, very real.
Because these techniques are designed to exploit the individual within your company, it is imperative that your entire team understands how to prevent phishing attacks and what to do if they make a mistake and the unthinkable happens.
Training Staff in How to Prevent Phishing
Creating a cultural emphasis on how to prevent phishing starts with training and education. The first step is to teach anyone that receives email in your organization how to recognize a potential phishing email. Here’s what to look for:
- The email will likely be from a company you’re familiar with; it will have an easily recognizable logo stolen from a real business.
- Do you see misspellings in the email? That’s always a red flag!
- Never click on a link in an email. We used to suggest that you rest your mouse on the link (without clicking!) to see a string of digits that in no way match the URL of the supposed sender of the email to prove it’s a phishing scam. Today, it’s not even safe to do that; there’s a line of malware (viruses) now that have a new type of link. If you hover over the URL containing Zusy malware, it will release the virus.
- If you receive an .exe file, that file is likely a virus just waiting to be unleashed.
- If the web address (URL) resembles a popular company but the spelling is slightly off – it’s a scam.
Barkly reminds us the number one vehicle for computer viruses is email. The Verizon 2017 Data Breach Investigations Report said two-thirds of all the malware on infected computers in 2016 came from phishing emails.
Is Your Business Prepared?
In addition to training your team to be alert for phishing scams, make sure your operating systems; firewalls and security intrusion systems are fully up to date. Make sure your IT team is backing up all of your data frequently. Also, always encrypt sensitive company information.
CWPS offers security training in how to prevent phishing and other cyber security threats. Businesses depend on our managed services that include cyber security intrusion monitoring and mitigation. Contact us and keep your business safe.Markus Spiske