What is Phishing?

Phishing, Vishing & Smishing.. Cyber crimes become more common by the day, and new types of attacks gets developed every single year. With up to 88% of UK companies having suffered data breaches in the last 12 months, phishing is involved in around half of those.

So what exactly is phishing and what do you have to be aware of to avoid it and protect your business?
We give you 19 red flags to look out for- 19 red flags that will help protect your business.

September 16, 2020

What is Phishing?

Phishing is a form of cyber crime, where a target is contacted by email. Phishing has been around since the early 90’ties and have since developed into voice attacks called Vishing, and text attacks known as Smishing. Over the years we have seen the criminals attacking via phishing getting more creative in their methods. Often the are already reading your emails, making it possible to adapt the persona of your close contacts. By doing so it becomes much more difficult to spot the threats, with can end in both identity theft and financial loss.

What is the purpose of Phishing?

The purpose of the attacks is to lure individuals into providing data to the hacker. This could be their personal identity information, credit card details or passwords. Afterwards the hackers use this information to access the persons accounts, or even the business of the place the person is working.

The amount of working from home we have seen in the last months have raised the amount of attacks coming every day. With the amount of uncertainty and new ways of working, individuals have been more likely to fall for the attacks.

How do I protect my business from Phishing?

One small business in the UK is successfully hacked every 19 seconds. Therefore we’ve put together a guideline for businesses in our blog post right here. It is ready to pass on in your next company newsletter. The guide sets the base for your employees to avoid phishing, so they do not end up clicking on a malicious link.
As phishing is one of the biggest cyber security threats at the moment, it is highly important for businesses to prioritise awareness training of employees. Around half the cyber attacks in the UK involves phishing- and still 22% of UK businesses do not provide their employees with regular security awareness training for email. It is easy to forget the flags and feel ‘too comfortable’ on a busy working day- something that hackers are very aware of.

What should I tell my employees to look out for?

Is it too good to be true? – The old saying still counts! If it sounds too good to be true- it probably is. Eye or attentions bathing pictures or statements is designed to lure you in and get your attention.
Sense of urgency – A favorite tactic amongst cybercriminals is to ask you to act fast because of urgency. Know that most reliable organisations will give you time before they terminate an account. Furthermore they would never ask you to update personal information over a link
Hyperlinks – A link may not be all it appears to be. By hovering over a link you will be able to see the destination and if it is correct. Look carefully!
Attachments – Have you received an attachment you were not expecting? Hackers use these to spread virus so be aware.
Unusual sender – Is the email coming from someone you don’t know or usually wouldn’t have contact with in your role?

Our final advise..

When it comes to phishing, this is a time where it is ALWAYS better to be safe than sorry.

Final advise from our very own IT manager: If you doubt it – don’t click it!

Spotting a phishing email comes down to the last detail- and if ever in doubt, pass it on to your IT manager!

Want to share it with your friends?