Oct 26, 2022
Don’t get tricked by a cyber criminal’s phishing bait. Make sure you're protected from attacks by following these Milner tips below. For more tips to help employees stay up-to-date on email security best practices download our Email Security Tipsheet.
In 2021, 80 percent of security incidents and 90 percent of data breaches stem from phishing attempts.
For our final installment of our National Cybersecurity Awareness Month series, this week we are talking about the most common cause of data breaches: cyber phishing attacks. Despite all other threats to your SMB being equally frightening, a successful phishing attack can be especially dangerous, especially as we approach the holiday season, which has become prime time for cyber scams.
As hackers seek to take control of organization data, they are developing increasingly sophisticated cyberattacks to obtain employee records, bank details, and supply chain details. Nearly 83% of their organizations were victims of phishing attack attempts in the last year alone—a significant increase from previous years. The consequences of successful phishing attacks can be costly: in 2021 almost 60% of infected organizations paid up, some more than once. Glaringly, only 54% of those who paid up regained access to their data and systems without paying additional ransoms.
So, what does that mean for small and mid-sized businesses? For one, cybersecurity precautions against phishing must remain top of mind, especially if your organization is powered by a remote or hybrid workforce. Knowing the basics, like how phishing attacks work and how to prevent these data breaches due to phishing schemes can go a long way to keeping your organization’s data secure.
Most commonly, phishing attacks occur through email, and like good Halloween monsters they prey on your fears. Cybercriminals will create fabricated scenarios, pretending to be someone they are not, in an attempt to attain sensitive or valuable data. Like a great Halloween costume, the more authentic the message, the better the reaction, and the more likely the victim is to succumb to the successful phishing attack.
Hackers often use recognizable brands to make their emails look legitimate. Emails may appear to be invitations to join a digital platform from another employee, links to perks for new employees, password updates, emails from law enforcement, overdue invoice reminders, or other automated notifications. In 2022, the most frequently impersonated brands in phishing attacks were some of the most trusted: LinkedIn (52%), DHL (14%), Google (7%), Microsoft (6%), and FedEx (6%). The top malicious email attachment types are .doc and .dot which make up 37 percent; the next highest is .exe at 19.5 percent.
To be most effective IT departments and managed service providers will employ a multi-pronged approach to ensure that they are able to defend against phishing attacks. Beyond traditional firewalls and strong password protocols, at the company level, IT teams might consider:
However, defense against phishing attacks requires vigilance from everyone in an organization. Here are a few tips on how every employee can also help to prevent data breaches through phishing:
Especially for small and mid-sized businesses, guarding against today’s sophisticated cyber attacks can be a tremendous undertaking. Milner offers IT security solutions to clients in a wide array of geographic regions and sectors, including antivirus and malware protection, installation patches and updates, antivirus and malware protection, remote monitoring and remediation, and live help desk support 24/7/365, managed detection and response, IT security audits, and end user security training, and proactive threat management.
You can never be too sure that your organization’s critical information is safe and secure from what’s lurking in your emails. Contact our managed IT and cybersecurity experts today.