October 11th begins Week 2 of Cybersecurity Awareness Month and this week’s focus is Fight the Phish. Phishing is one of the top, if not the number 1 method, of social engineering attacks used against your staff to trick them into giving up their access information or credentials to applications and websites. That is why it is so important to make sure your workforce is always aware and on the lookout of suspicious emails.
Ensure your workforce is aware of the red flags of phishing emails. Phishers are great with content and making the interactions appealing. Criminals spend most of their time tricking humans into helping them commit cybercrimes. Any email that induces a strong emotion or a knee jerk reaction usually is a sign that you should proceed with caution. These bad actors really know what they are doing. They can impersonate a college, a well-known company or even your neighbor or boss. Trust your instincts. If you identify a red flag, stop, think and investigate before proceeding. For example, if you get an email about an order you placed with Amazon that contains a link. Don’t click on the link. Instead, go to the Amazon website to verify if there is a problem or update on your account. Verify the source. Phishing is not just limited to emails. The bad actors have branched out to phone calls, text messages, chats and so on. If you receive communication from someone that is unexpected or seems fishy, guess what, it probably is.
Workforce awareness is your best defense against phishing and is the most important training tool for any business today. Learn to recognize the red flags, verify the source and be aware that phishing attacks do not just come in the form of an email anymore. Think before you click on any suspicious emails, links or attachments and make sure to report any suspicious emails you receive.