Phishing is a booming business for cybercriminals, who attempt to obtain sensitive information such as usernames, passwords, and credit card details by sending links and files via email. When clicked, these links and files infect the system with malware. While previously considered a nuisance, phishing scams are now becoming more and more sophisticated.
Phishing is typically carried out by email spoofing or instant messaging. It directs users to enter personal information on a fake website that looks identical to the legitimate version. Communications claiming to be from social media websites, auction sites, banks, online payment processors or IT administrators are often used to lure victims. Phishing emails may contain links to websites that are infected with malware. Of greatest concern, 93% of all phishing emails carry ransomware.
Ransomware and phishing are examples of social engineering techniques used to deceive users and exploit weaknesses in IT security. Currently, these attacks are gradually being addressed with new legislation, but because governments are slow to adjust to the quick pace of technology, more of the onus falls on business owners to create their own strategies. These include user training, public awareness, and technical security measures.
Unsure where to start to protect your organization? HostedBizz’s free ransomware training course provides an excellent baseline for critically assessing your organization’s phishing preparedness. In less than 10 minutes, you can complete the online course and start protecting your systems from this potential pitfall.