PHISHING THREATS: THE #1 MISTAKE COMPANIES MAKE (Part 1)
Every company can lower their susceptibility to a phishing attacks. And they should use the appropriate techniques and take the right steps to protect themselves.
The #1 mistake many companies make is not having the right tools in place and not properly training employees. Employees are the biggest risk to a company and make it vulnerable to phishing attacks.
Cyber-criminals know exactly how to use phishing to gather an employees’ credentials and overall knowledge to compromise the company’s security. Phishing is used to collect sensitive information that they’ll then use to gain access to otherwise protected data, networks, etc. A phisher’s success is contingent upon establishing trust with his or her victims. We live in a digital age, and gathering information has become much easier.
Know these various phishing techniques used by attackers:
- Embedding a link in an email that redirects your employee to an unsecure website that requests sensitive information
- Installing a Trojan via a malicious email attachment or ad which will allow the intruder to exploit loopholes and obtain sensitive information
- Spoofing the sender address in an email to appear as a reputable source and request sensitive information
- Attempting to obtain company information over the phone by impersonating a known company vendor or IT department
Not having the right tools in place and failing to train employees on their role in information security is often one of the biggest risks a company carries when it comes to phishing attacks. Don’t make this mistake by properly training your employees in this area to ensure your company is covered and safe.
Check back later this month for: ‘PHISHING THREATS: PROTECTIVE STEPS EVERY COMPANY NEEDS TO KNOW (Part 2)’