Phishing is not a new cyber risk but a spike in online activity over the Christmas period presents cybercriminals with greater opportunity to hook victims.
Cybercriminals use increasingly sophisticated methods to falsify details of well-known retailers, with the aim of enticing recipients into clicking on malicious links or opening malicious attachments. It is activity such as this which can have severe security implications and may result in your device being infected with malware or ransomware. Going on to enter personal details will also put your personal information into the hands of cybercriminals.
The cyber-security threat over this period is very real for businesses, as the line between personal and work activity continues to blur, with employees often carrying out bits of their Christmas shopping from the office, or using work devices. End of year deadlines also lead to an increase in skim reading emails whilst pressed for time.
It’s a good time to focus in on phishing and remind employees to be extra vigilant:
* Make sure you have appropriate technical measures in place for your organisation to prevent spoofing of email addresses
* Even if an email you receive appears genuine and the subject matter is very pertinent, don’t click or enter any personal details without double checking the authenticity
* Pay close attention to the sender’s email address – small differences in the sender’s email address are easy to miss in haste
Managed phishing exercises need not be costly and can be used all year through to minimise the risks associated with phishing. Managed phishing complements technical measures in place, enabling organisations to track overall phishing awareness and help to nurture a cyber-secure culture.
Contact us for: Cloud Services, IT Security, Infrastructure Consultancy, IT Management & Support