Learn How To Stop Your Employees From Clicking On These Dangerous Emails.
You would think that with all the hype about cyber-attacks and the dangers of clicking on phishing emails, people would be more careful. But hackers are highly skilled. And they’re very persistent. They’ve refined their craft to where even trained employees might be fooled. In addition, they’ve run upon some pretty intriguing subject lines for their phishing emails that make it really tempting to click on the link.
What Is Phishing?
Phishing is a term that was adapted from the word “fishing.” When we go fishing, we put a line in the water with bait on it and we sit back and wait for the fish to come along and take the bait. Maybe the fish was hungry. Maybe it just wasn’t paying attention. At any rate, eventually a fish will bite and you’ll have something yummy for dinner.
This is essentially how cyber phishing works. Cyber thieves create an interesting email. It might say that you’ve won a $100 gift certificate from Amazon. Sound too good to be true? Find out! All you have to do is click the link and take a short survey. Easy enough, right?
Once you click the link, guess what happens? A virus is downloaded onto your system. Sometimes it’s malware and sometimes it’s ransomware. Ransomware encrypts all your files until you pay the ransom. Even then, there’s no guarantee you’ll get your data base restored. Malware is all about stealing credentials, passwords, and other valuable information from your company. Sometimes it’s just about destroying your data.
Malware includes Trojans, worms, spyware, adware, and rootkits. These malicious programs each have different goals but all are destructive and aimed at harming your computers.
Why Is Phishing Such A Huge Problem?
Each day, hackers are able to trick people into clicking on bad links. The Anti-Phishing Working Group (APWG) reports that organizations will lose an estimated $9 billion in 2018 from phishing. Sometimes hackers are looking for a quick buck by stealing your credit card information. Other times, they’re looking for personal information they can sell to other criminals on the Dark Web. Any cyber-attack can cripple your company and cost thousands of dollars to fix.
What Industries Are Phishers Targeting?
The APWG is reporting that there have been increases in phishing scams that target SAAS (Software as a Service) and webmail providers, along with file hosting/sharing sites. Phishing against payment services and banks is still a big problem. The most-targeted industry sectors in the 1st quarter of 2018 were:
- Payment Services 39.4%
- Financial Institutions 14.2%
- SaaS/Webmail Services 18.7%
- Cloud Storage/File Hosting 11.3%
- Other Industries 16.4%
What Are The 10 Most-Clicked Email Subject Lines from 2018?
1. Password Check Required Immediately 15%
2. Security Alert 12%
3. Change of Password Required Immediately 11%
4. A Delivery Attempt was made 10%
5. Urgent press release to all employees 10%
6. De-activation of [[email]] in Process 10%
7. Revised Vacation & Sick Time Policy 9%
8. UPS Label Delivery, 1ZBE312TNY00015011 9%
9. Staff Review 2017 7%
10. Company Policies-Updates to our Fraternization Policy 7%
Don’t Be A Victim! How to Avoid Phishing Scams
- Don’t click buttons or links in emails. Navigate to a site the old-fashioned way—By opening a new browser page and typing in the URL.
- Use a password manager to create complex passwords and encrypt them.
- Use two-factor verification whenever it’s available. This provides an extra layer of security and will require another form of identification via an email or text message.
- Don’t use browser-based password manager extensions. They are risky and have the potential to reveal your credentials if you visit a malicious website.
- If you detect a suspicious email, tell your boss and colleagues immediately. The faster your IT service company can respond to a threat, the less damage the hacker can inflict.
- Don’t trust the little green lock icon in your web address bar. Hackers can get HTTPS certificates as easily as a real site.
How To Protect Your Company From Phishing Attacks
Staying safe from hackers these days requires diligence from everyone at your firm. Your employees need regular awareness training. They must be smarter than the latest new hacking scam. In order to do this, they have to be constantly reminded about what’s at stake. People forget, but with regular employee awareness training, this topic will be foremost on their minds. They’ll think twice before clicking on a link that says they just won a $25 gift certificate from Starbucks.
This can save your company a lot of time and money, not to mention the loss of reputation. It’s not an expensive fix either. An IT specialist can come out to your company several times a year and explain how phishing works to your employees. We talk about the latest cyber threats and discuss things like how ransomware works and how to avoid being a victim. It’s a great way to make sure your employees are educated and well aware of what phishing is and how it works.
Ready To Add An Additional Layer Of Cyber Protection to Safeguard Your Technology Assets?
Contact our security specialists, and we’ll be happy to schedule a visit to explain the many ways we can help you avoid a cyber-attack. Call (888) 711-3234 or email firstname.lastname@example.org to chat with the NOVA Computer Solutions team.
In the meantime, visit our Blog to stay up-to-date on everything happening in the world of IT.