by Peter Dietrich
3:00 min read
Phishing can be a company's worst nightmare. According to Google, phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. Many security measures can be in place to guard against human security risk, but without proper knowledge provided to individual employees, one email with an attachment can compromise everyone. According to EdTech Magazine, one third of employees in America are falling for phishing scams.
Got a minute? Try a free interactive security training module.
Phishing scams are becoming more sophisticated, fooling anyone from the new hire all the way to the CEO. If employees aren't educated and brought up to date on the latest phishing scams, companies leave themselves more susceptible to breach. Phishing scams also increase at times when there are major data breaches with large companies. Some examples of companies who have been hacked in the last year are Uber, Deloitte and Equifax. According to the FTC, the Equifax breach affected 143 million people accessing their social security numbers, birthdates, addresses, and driver’s license numbers. After the breach, Equifax even inadvertently directed people to a fake version of its own hacking help page. The seriousness of phishing should not be overlooked. Wombat reports 3 reasons end users fall for phishing attacks:
Expecting employees will never click on a bogus attachment is unrealistic; however, keeping employees in the dark about phishing is a sure and certain way to compromise a company.
10 tips for employees to decrease their chances of getting hooked: