How to Prevent Phishing
Phishing is a form of social engineering that uses email, phone or text to trick people into sharing information. The information could be sensitive or confidential.
The key to preventing phishing attacks is to ensure all users have the right training and skills. It is also important to make sure your organisation is a member of the DMARC registry, which will give people much greater confidence that the email they receive comes from where they think it does.
There are many phishing attacks, but the most common types include:
Spear phishing is a more targeted approach that aims to target specific groups or individuals within an organisation. It often involves sending emails that mimic a company and its official website.
Typically, a person who is a victim will be asked to provide confidential information or update details on an account. This can range from banking information to usernames and passwords.
Business Email Compromise (BEC) scams, which saw over half the money lost to cyber criminals in 2019 come from this type of attack, are now becoming more and more sophisticated. They often involve hackers posing as management, a colleague or supplier and stealing large sums of money.
Too Good To Be True – Lucrative offers, eye-catching statements and other enticements are all designed to get people to open attachments or click on links. These can be used to deliver malware onto your device or install a banking Trojan to monitor your online activity and steal more personal information.