You would think that with all the hype about cyber-attacks and the dangers of clicking on phishing emails, people would be more careful. But hackers are highly skilled. And they’re very persistent. They’ve refined their craft to where even trained employees might be fooled. In addition, they’ve run upon some pretty intriguing subject lines for their phishing emails that make it really tempting to click on the link.
Phishing is a term that was adapted from the word “fishing.” When we go fishing, we put a line in the water with bait on it and we sit back and wait for the fish to come along and take the bait. Maybe the fish was hungry. Maybe it just wasn’t paying attention. At any rate, eventually a fish will bite and you’ll have something yummy for dinner.
This is essentially how cyber phishing works. Cyber thieves create an interesting email. It might say that you’ve won a $100 gift certificate from Amazon. Sound too good to be true? Find out! All you have to do is click the link and take a short survey. Easy enough, right?
Once you click the link, guess what happens? A virus is downloaded onto your system. Sometimes it’s malware and sometimes it’s ransomware. Ransomware encrypts all your files until you pay the ransom. Even then, there’s no guarantee you’ll get your data base restored. Malware is all about stealing credentials, passwords, and other valuable information from your company. Sometimes it’s just about destroying your data.
Malware includes Trojans, worms, spyware, adware, and rootkits. These malicious programs each have different goals but all are destructive and aimed at harming your computers.
Each day, hackers are able to trick people into clicking on bad links. The Anti-Phishing Working Group (APWG) reports that organizations will lose an estimated $9 billion in 2018 from phishing. Sometimes hackers are looking for a quick buck by stealing your credit card information. Other times, they’re looking for personal information they can sell to other criminals on the Dark Web. Any cyber-attack can cripple your company and cost thousands of dollars to fix.
The APWG is reporting that there have been increases in phishing scams that target SAAS (Software as a Service) and webmail providers, along with file hosting/sharing sites. Phishing against payment services and banks is still a big problem. The most-targeted industry sectors in the 1st quarter of 2018 were:
1. Password Check Required Immediately 15%
2. Security Alert 12%
3. Change of Password Required Immediately 11%
4. A Delivery Attempt was made 10%
5. Urgent press release to all employees 10%
6. De-activation of [[email]] in Process 10%
7. Revised Vacation & Sick Time Policy 9%
8. UPS Label Delivery, 1ZBE312TNY00015011 9%
9. Staff Review 2017 7%
10. Company Policies-Updates to our Fraternization Policy 7%
Staying safe from hackers these days requires diligence from everyone at your firm. Your employees need regular awareness training. They must be smarter than the latest new hacking scam. In order to do this, they have to be constantly reminded about what’s at stake. People forget, but with regular employee awareness training, this topic will be foremost on their minds. They’ll think twice before clicking on a link that says they just won a $25 gift certificate from Starbucks.
This can save your company a lot of time and money, not to mention the loss of reputation. It’s not an expensive fix either. An IT specialist can come out to your company several times a year and explain how phishing works to your employees. We talk about the latest cyber threats and discuss things like how ransomware works and how to avoid being a victim. It’s a great way to make sure your employees are educated and well aware of what phishing is and how it works.
Contact our security specialists, and we’ll be happy to schedule a visit to explain the many ways we can help you avoid a cyber-attack. Call (888) 711-3234 or email firstname.lastname@example.org to chat with the NOVA Computer Solutions team.
In the meantime, visit our Blog to stay up-to-date on everything happening in the world of IT.