When we analyse the most successful cyber-attacks that affect our clients, most have one single thing in common…. A user, somewhere, did something that could have been avoided. Human error is involved in 90% of all security breaches.
Phishing email in particular requires you to be vigilant in questioning the validity of an email. These messages pretend to be from a large organisation, such as Microsoft or Google, to make the scam more believable. They can be sent via email, SMS, instant messaging or social media platforms. They often contain a link to a fake website where you are encouraged to enter confidential details.
More dangerous still is “spear phishing”. These messages target specific people and organisations. The message may contain information that is true to make them appear more authentic. You might get a message that appears to be from another staff member asking you complete a task such as make a payment, update banking details or ask you to click a link to access shared files. Cyber criminals are getting better at social engineering and are putting more time, effort and money towards researching targets to learn names, titles, responsibilities, and any personal information they can find. They can easily curate this information from your corporate website, LinkedIn, Facebook and other social media platforms.
If it doesn’t sound right, feel right, seem right, it probably isn’t.
Our clients are encouraged to forward anything of concern to our experienced support team. All examples are thoroughly checked and vetted.
So regardless of what security or SPAM filtering you may have in place, the individual users in an organisation are the first line of defence in preventing cyber criminals accessing your sensitive data or company infrastructure.