How Employees Can Prevent Phishing
Phishing is the first step in cyber attacks against individuals and businesses. Cybercriminals use phishing to steal credentials that can be used to take over accounts, make fraudulent payments and download malware onto devices. It’s a problem that continues to grow.
The good news is that, with a few simple cybersecurity habits, people can prevent most phishing attacks from succeeding. Employees should learn to spot phishing red flags, such as unusual senders or suspicious attachments, and avoid clicking links or downloading attachments in messages that show them.
Educate employees about phishing and how to spot an attack with resources such as the KnowBe4 resource that highlights 22 red flags in social engineering. Employees should also learn to review their own inboxes for signs of phishing, including urgent or threatening language (e.g., “your account will be deleted” or “you’re under arrest”) and requests for sensitive information, such as passwords, that should never be shared over email.
Encourage employees to verify any strange requests via other channels, such as by phone or in person. Also encourage them to check the sender’s email address for misspellings and inconsistencies. And don’t forget about DMARC, which helps organizations stop phishing attacks by telling receiving mail servers how to handle email that spoofs the organization’s domain and fails authentication. If an employee sees a phishing attempt, they should report it to protect themselves and others. This is especially important if the email was sent outside of business hours, when vigilance may be lower.