Employees travel, that’s part of being in business. And when they travel, they’re going to check their email. There’s no reason that simple act should put your organization at risk, but for many companies, it does. That’s because of the safeguards they put in place, don’t always travel with the employees. But they should.
If you’re a professional archivist, one of the things you should archive is email. If you’re a Registered Investment Advisor, one of the things you MUST archive is email.
Hackers were busy at it again this week with some standard phishing tactics, as well as some new, creative ones. And it should come as no surprise that Microsoft was in the thick of things being a victim of brand identity theft.
If you haven’t already heard, the Internet of Things (IoT) is going to be big. IoT simply means that every electrical device in your life will be connected to the Internet. From your doorbell to your thermostat to your refrigerator to every possible medical device. If you can plug it into an electrical socket it will probably plug into the Internet.
Phishing attacks give a little warning and they don’t linger at all. The timeline for many phishing websites is just a few hours. According to the 2018 Webroot Threat Report, “most phishing sites were only online for 4-8 hours.” Sometimes less. According to an article on Dark Reading website, “Many phishing campaigns last year combined attacks that were active for just a few minutes.”
Phishing attacks will always be successful because they’re not attacks on technology, they’re attacks on human nature.
As Danny Bradbury points out in SC Magazine, “Successful data breaches need not require expensive technology, massive deceptions, or even expertly faked credentials. Sometimes all it takes is a phone call to the help desk and a request for assistance logging in. You do not even have to be a legitimate user if you are convincing enough.”
It’s been shown repeatedly that all the phishing awareness training in the world won’t get the click rate on malicious emails down to zero. And now we know why.
Thanks to research conducted by Symphony Communication Services, “An alarming percentage of workers are consciously avoiding Its guidelines for security.”
Smart companies use phishing prevention technology to protect their employees and organization from phishing attacks. And whether they use their own, on-premises email server, or opt for a cloud-based email provider, companies have some important security decisions to make.
You can lose a lot of things if you get successfully phished: money, credentials, personal information, productivity, reputation, to name a few. Do you know what else you can lose? Your life!
It’s been all over the news lately that successful phishing attacks have led to patient’s medical records being exposed. There was a breach at Baystate Medical Center that impacted 12,000 patients. There were three physicians at UC Davis that got hit in a phishing scam affecting 1,800 patients. And there were the 30,000 Medicaid recipients who had their data exposed in Florida due to a phishing attack. The list goes on.