Cyber Security: Email phishing (1/5)

12. 07. 2023 | 2 min. reading | Petra Lišková | Blog

There is perhaps no company that is not susceptible to a massive phishing attack.

Statistics record more than 80% of victims of this fraudulent behaviour.

Email phishing is one of the 5 most common types of these attacks.

What’s going on? An attacker registers a fake domain that closely resembles the real organization’s domain and overwhelms the network with requests. Such domain names often contain hyphens to trick the eye of less astute users.

There are also cases where a scammer creates a domain of a legitimate organization, from which he sends the user an email pretending to be a real one from the company’s technical or customer support.

Emails usually create a sense of urgency, scare users with password reset requests, tempt with limited offers and have a lot of spelling or grammatical errors.

The goal is always to encourage as many victims as possible to think irrationally so that the attacker can obtain and misuse their personal data.

Specific recommendations:

  • check the sender’s email address
  • think about whether the request really makes sense in connection with you
  • focus on the text, which in most cases asks you to click on a link or even download an unwanted attachment
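One way to automate the first recommendation is to compare the sender's domain with the domains you know are genuine. This is an added example, not part of the original article; the trusted domain, the sample headers and the distance threshold of 2 are constructed assumptions.

```python
from email.utils import parseaddr

# Assumption: the domains your organisation really sends from (constructed value).
TRUSTED = {"example.com"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header: str, trusted=TRUSTED) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a From: header value."""
    address = parseaddr(from_header)[1]  # ignores the display name, which is free text
    if "@" not in address:
        return "unknown"
    domain = address.rpartition("@")[2].lower().rstrip(".")
    if any(domain == good or domain.endswith("." + good) for good in trusted):
        return "trusted"
    squeezed = domain.replace("-", "")
    words = domain.replace(".", "-").split("-")
    for good in trusted:
        if squeezed == good:                    # hyphens inserted: exa-mple.com
            return "lookalike"
        if good.split(".")[0] in words:         # real name as one word: example-support.com
            return "lookalike"
        if edit_distance(squeezed, good) <= 2:  # swapped or dropped letters: examp1e.com
            return "lookalike"
    return "unknown"

# Constructed From: headers for illustration.
SAMPLES = [
    "Example Support <support@example.com>",
    "Example Support <support@exa-mple.com>",
    "IT Helpdesk <it@examp1e.com>",
    "Customer Care <care@example-support.com>",
    "Bob <bob@unrelated.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):9}  {header}")
```

A "trusted" result only means the domain in the address matches. It does not prove the message really came from that domain, which is the case described above where the email appears to come from the legitimate organization's own domain.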

In general, our statistics show that attacks are on the rise regardless of the focus or size of the company, and it doesn’t matter whether you do business nationally or internationally.

We know from our own experience how important it is to train, educate and, above all, simulate offensive activities for employees – preferably on an ongoing basis according to a medium-term plan. Surprisingly, up to 60% of employees usually repeat the same mistake within three weeks after the training has been implemented.


Other forms of phishing attacks include spear phishing (a targeted attack on a specific entity), whaling (an attack on high-level corporate employees), smishing and vishing (the use of phone calls, voicemails and text messages for fraudulent calls and messages) and angler phishing (attacks via social media, cloned websites, etc.).

But that’s for another time.

If you need us, we are here for you anytime.
