The internet can be a dangerous place for the uninitiated. Ensuring that your staff are prepared for the dangers is a key element to any cyber security strategy. Phishing, most commonly a scam completed through email, is a threat that could wreak havoc on your data security and is one that should be kept in mind.
Let us discuss phishing:
Definition
"Phishing" is in essence, a communication that appears legitimate, but is fraudulent. A physical version of this would be a caller claiming to represent the government, and then asking you to confirm personal information, such as birth dates, account passwords or credit card details.
Given the digital age, the most common method is through mass emails, that will appear to come from your bank, a government department, or a service provider (such as MyGov or Synergy). The email will often be intended to scare and prompt action, claiming that "your bill is due, click here NOW to fix this!".
Upon clicking the link, your computer will then either be infected with viruses (such as ransomware), and / or you will be asked to input confidential information, which will be used by a scammer to gain access to your accounts.
Securing your business against phishing
The most important thing to do to combat phishing scams is to train your staff to never click any links that are not confirmed from a verified source.
For example, a receptionist will likely not receive any bills, since those would go to accounts payable or a manager.
Therefore, if receptionists were to receive an email from (for example) a power company, it is likely a phishing scam, and any links within that email should not be clicked.
Another important guard is the installation of antivirus software that has a spam filter. In these days, spam filters have developed to also combat phishing scams. They may also come with add-ons to 'report' emails as phishing, thus training your staff to report anything suspect.
Summary
Phishing is a common scam that anyone can fall for if they are not careful. One click on a link could cause an internet security failure, even if the person does not give the phisher their personal details.
Training and anti-virus/filtering software are two key strategies for combatting phishing. If you do not have these strategies set up, get in touch with G2IT today: call 1300 325 487 or connect on Facebook and LinkedIn.