Phishing Season is Here
Phishing season is open – every month, every week, every day and every hour. Since almost all of us use email daily, four billion of us every day, it’s good to know the most likely attack is phishing. Hackers don’t care whether it’s a personal email or business email. In fact, business emails usually allow the cyber-criminals to get into systems and/or other emails in the organization.
The stakes are getting higher: 2021 saw the highest average cost of a data breach in 17 years, up from $3.86 million in 2020 to $4.24 million. And there is no reason to believe these numbers will go down any time soon.
Regardless of how many cybersecurity layers your company covers, the bottom line—and the greatest vulnerability—always remains the human factor. Security Awareness Training is one layer that needs to be done with your employees, not just once when they are hired, they also reminders and updates on current vulnerabilities.
Quick check list for phishing emails:
- Grammar errors and misspelled words.
- Email addresses and domain names that don’t match
- Sense of Urgency – ACT NOW, URGENT, NEED RESPONDS NOW
- Recipient Did Not Initiate the Conversation
- Request for Credentials, Payment Information or Other Personal Details
- Logo or colors don’t look like the business’s logo you know.
Here is a sample of a phishing email:
The message is sent from a well know company, no logo. Fake invoice – never order product. The email is poorly written. Asking for money – leads to personal information once you call.
Don’t forget to checkout CorpInfoTech’s Phishing 4 Awareness blog series – learn about the different types of phishing and more.
CorpInfoTech solutions provide simulation exercises based on real examples of socially engineered phishing attacks in order to better teach employees how to spot phishing emails and report them – whether they have been opened and actioned or not.
Let’s talk about how our security solutions can keep your company safe into 2022 and beyond!
CorpInfoTech (Corporate Information Technologies) provides small to mid-market organizations with expert I.T. services including compliance assessment, cybersecurity penetration tests, and comprehensive business continuity planning services. Corporate Information Technologies can help organizations, quantify, create, refine, and mitigate the risks presented by business threatening disasters in whatever form they may be disguised.