Phishing – why employee education is everything
- 8th October 2018
- Posted by: Mark Dodds
- Category: Security
It’s the scammers’ favourite trick, and getting caught out is much easier than you might imagine. To avoid becoming another victim, it’s important that your entire organisation works together.
Only silly people get caught out by phishing scams, right? Everyone knows not to send money to strangers on the internet claiming to need urgent help with freeing a Nigerian prince from exile.
Thing is, it’s not that simple any more.
While it may be true that most of us know to steer well clear of badly written, elaborate stories arriving in our inboxes, phishing emails aren’t always so easy to spot. Cyber-crime is the biggest threat to UK businesses today, and fake emails are the most common way the hackers are reeling unsuspecting victims in.
The reason they do it – and make huge amounts of money in the process – is that people are still falling for their tricks. Of every thousand phishing emails sent, about half will be successful. So, in this day and age when we’re all supposed to be clued up about internet security, how are they getting away with it?
Cyber criminals use clever technology, but they actually rely on humans to do their jobs for them. It’s all about taking advantage of people’s good nature and willingness to do the right thing. Throw in a bit of urgency, and they’re laughing.
Scammers know their stuff. They know that on a Friday afternoon people are more likely to be tired and take their eyes off the ball. They also know that senior management might be out of the office, either at meetings or on their way home. It’s the perfect opportunity to target workers who are ready to go home and perhaps a little under-confident in themselves.
The recipient will receive an email that looks like it’s from the big boss, asking for some urgent help. The request might be for a client’s details, or for the transfer of some funds into a supplier’s bank account. The finance officer has left for the day, there’s nobody else to ask, and nobody wants to challenge the boss. Within a matter of minutes the entire organisation has been compromised and the poor victim just thinks they’ve done something really helpful.
The reality of the situation might go unnoticed for weeks, by which time millions of pounds’ worth of damage has been done.
Phishing scams happen every day, and perfectly sensible people give away all sorts of information without realising. This is a multi-billion-pound industry, and the chances of your organisation being targeted are high – 76% of UK businesses reported falling prey to phishing scams in 2017.
But don’t panic.
It’s entirely possible to avoid getting caught up in a phishing net. It starts with understanding the different types of scams out there and what they look like, and with making sure everyone in your organisation is aware of them. Never assume that just because you’ve got anti-virus software in place you don’t need to do anything else. Education is everything, which is why we’ve written a comprehensive guide about phishing scams.
You can download it below. No catches – just good, honest, clear advice that might just save your business!