Phishing is when cyber criminals try to trick an email recipient into thinking the email they have received is from someone else, and they will then try to get that user to reveal sensitive information, to download malware or even make a fraudulent payment.
In our experience, companies are too reliant on their employees to recognise a phishing email and in many cases they are not warning them about the potential risks.
One basic type of attack is when cyber criminals research a company to find out who is the owner or managing director of a firm, and they then setup a free email account in this persons name which in turn they use to target that companies employees. The message will often say they urgently need that employees help with something, and seeing that the message appears to be from one of the owners, the employee is tricked into complying.
The best way to protect you and your employees is:
Implement a robust email filtering system to stop SPAM and other rogue emails before they reach your employees.
Undertake user awareness training which can include simulated email phishing attacks to train employees on what to look out for.
Implement an email monitoring system to alert you in the event an email account has been compromised or is under attack.
Ensure you email accounts are being backed up away from where you emails are being managed.
We have also created a free guide for employees called How To Avoid a Phishing Attack and you can download a free copy here phishing_attacks
We are here to help, and if you have any concerns about email security or any other cyber security issues, then contact our sales team on on 059 9130777 or you can email to info@deycom.com