Can your staff catch a phish?
Globally, over $5.3 billion has been lost to business email compromise attacks (phishing attacks). Of these attacks, some 93% have involved ransomware in some way. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
You might remember phishing attacks such as this:
Clearly, attacks like this are not overly sophisticated or believable. However, scams like the one above have cheated thousands of people out of considerable amounts of money.
These days, phishing emails have become far more complex and deceptive. Phishing emails are often crafted to appear as if they come from a legitimate source. Generally, the main difference between a legitimate email from a business and a phishing scam is that most businesses will never ask for personal details or bank details over email. Many phishing scams will request details such as your credit card details, or ask you to update your personal details by clicking on a link. Unfortunately, once you click on the link, you’re done for!
Below you will see a legitimate email vs a phishing email. As you will see, the emails are incredibly similar, but with careful attention you should be able to spot the key differences:
So, what can you do to keep your business protected?
We’ve mentioned the importance of staff training before. The number one thing you can do to protect your business is to train your staff to look out for phishing threats and report them straight away. Over 60% of organisations in Australia fail to train their staff in what to look out for. This is a concern when you consider that the first day of most jobs involves new starters being given some form of induction, which includes fire procedures, issuing them with a key for the office and running through office safety procedures. Why then wouldn’t businesses consider a brief cyber security briefing to provide peace of mind?
A service which Anderson Morgan specialise in is staff training. With the help of our security partners, Sophos, we can work with you to create phishing email tests for your team as well as more ‘formal’ training options which can help to future-proof your business security.
For more information, don’t hesitate to contact a member of our highly qualified team.
Before you contact us, here’s a little bit of fun… https://www.youtube.com/