Phishing is a deceptive email that attempts to trick the recipient into opening a malicious file or disclosing sensitive information. In today’s day and age, most people know what phishing is. But, how do we identify it? And, what should we do when we recognize a phishing attempt?
Verizon’s 2015 Data Breach Report proved that when a hacker sends out ten phishing e-mails, there is a ninety percent probability that one person replies. Similarly , when 150,000 test phishing e-mails were sent out, half of the receivers opened the emails and clicked on the phishing links in the first hour.
Phishing scams are usually quite legitimate-looking e-mail messages. They’re meticulously engineered to lure receivers to either download a malevolent file attachment or click a link to malicious software or exploit-laden site where private info is needed. Cyber villains target workers with a goal to access an organization’s network.
Phishing is more wide-reaching than anybody would imagine. There are 156 million phishing emails sent out daily. Of those, 16,000,000 get through filters, and another 8,000,000 are opened by receivers; 800,000 receivers click the link provided and eighty thousand supply the info requested.
Hackers are highly arranged and do their research. Security software firm Trend Micro said that 91% of all cyber attacks start with an e-mail centered at a particular individual inside an organization. This is known as spear phishing. Social media websites are a source of personal information for hackers. Sites like Facebook and LinkedIn provide tons of information regarding targets. In an independent survey, almost 1/2 of staff said that they accept invites from strangers on social media “much of the time” or “sometimes.”
Workers may be the weakest link. Over one 3rd ( 39% ) of staff surveyed in an independent study admitted to opening emails they suspected were fake or contained malicious software. It isn’t just money info that bad guys are after. Many hackers are looking for personal information or corporate secrets. The secret info can cost a business millions of dollars. Smart phishers time their attacks. Most phishing e-mails are sent when workers have a tendency to rush through their emails between 4 am and 6 am and then late in the afternoon, particularly on Fri.
Employees can be your strongest cyber security defense. Even though technologies like spam blocking and filtering solutions are recommended, active awareness and coaching can reduce the number of individuals that fall prey.
Coaching should be ongoing and cover phishing markers ( like typos, peculiar wording, notes of pressure, impractical threats, etc., in e-mails ) and suitable replies ( confirm suspicious requests by telephone, and remove ). Many employees do not receive the proper education or support required to stay vigilant against phishing attacks.