Have you noticed? Phishing attempts are up.
Lately I’ve come across several sophisticated phishing scams in my inbox. It’s clear that cyber criminals are increasing their efforts as the holiday season approaches, which makes sense given that many more people are online during this time of the year.
According to a recent study by Google and UC Berkley, phishing attacks can cause a lot of damage because their outcome is account takeover. A successful phishing attempt can yield a plethora of compromised accounts, leading to further success when these accounts are leveraged to access additional targets.
Avoid becoming a victim of phishing.
When they’re successful, phishing attempts can have a significant impact on you personally, as well as on your workplace. They begin innocently enough—a seemingly legitimate DocuSign request or email from a friend—but they can quickly turn your world upside down.
Avoid becoming a victim of phishing by following these 3 best practices:
- Never share personal or company-sensitive information by email or phone
- Do not open or download attachments from unverified senders
- Think before clicking on embedded links within emails (mouse over the link to verify its actual destination or type the website address in your browser rather than using the link)
And, if you suspect an email is a phishing attempt:
- Do not reply to the email
- Delete the email from your inbox
- Report any phishing emails you receive through organizational email to your company’s IT administrator
Put on a unified front.
Nothing beats a unified front against phishing attempts in the workplace, because one individual’s slip-up can quickly impact the collective. Every organization should have a formal security awareness training (SAT) program in place. Learn more about the ROI of a good SAT program here: https://www.controlscan.com/blog/quantify-roi-security-awareness-training/.