Defend against phishing attacks

“How can I prevent someone from hacking my company?”

I am asked this question whenever I speak to business CEOs. My response? Ensure your workers never open their emails. Of course, that’s not possible. The answer is to train them to be your frontline prevention against cybercriminals’ phishing attacks.

First, this would be the right place to begin because office workers typically respond to emails in under two minutes, enough time for any cybercriminal to penetrate your company’s customer database and destroy your reputation. Two minutes? 

Seventy percent responded within six seconds after receiving an email, and 85 percent within two minutes. And, amazingly, the average worker spends 28 percent of their workweek tending to emails; that’s 620 emails every week, or over 11 hours a week.

Cybercriminals know this better than anyone. Now ask me that question again.

As a result, hackers can access sensitive data, steal medical records, shut down operations, take control of operating systems, and demand a ransom for your data or for control of those systems. However, it’s unlikely they would return your data.

Here are some steps to take in your quest for cybersecurity. 

Recognize phishing attacks

Phishing is the term for cybercriminals “fishing” for information from unsuspecting users, likely your employees. Most of all, cybercrimes start with phishing emails. Phishing attacks seek to get sensitive information by using URLs and files to deceive their targets.

Don’t blame your employees

And continue to invest. Fresh attacks develop monthly, if not daily, and your approach to guarding against them shouldn’t be on a budget or on a one-day-a-year basis.

Password security training 

Passwords that are long enough, use multiple character sets (uppercase, lowercase, numerals, symbols), avoid complete words, are never shared, and are changed on a non-scheduled basis cut down the risk of a password being used to break into your database.

Typically, phishing attack emails involve:

  • Lousy grammar and spelling errors
  • Unfamiliar salutations
  • Inconsistencies in email addresses, links & URLs 
  • Suspicious attachments
  • Requests for login credentials, payment information or customer data.
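
Two items on this list, inconsistencies in addresses and links and suspicious attachments, can be checked mechanically before a message reaches an inbox. The following Python sketch is an added example, not part of the original article; the function names, the extension list and every address and domain in the sample message are assumptions constructed for illustration.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

RISKY_EXT = (".exe", ".scr", ".js", ".vbs", ".iso", ".docm")  # assumed, not exhaustive

class Links(HTMLParser):  # collects [href, visible text] for every <a> element
    def __init__(self, html):
        super().__init__()
        self.links, self.in_a = [], False
        self.feed(html)
        self.close()  # flush text left in an unclosed trailing <a>
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.in_a = True
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"

def host(value):  # lowercased hostname of a URL or bare hostname, "" if unparseable
    try:
        return (urlparse(value if "//" in value else "//" + value).hostname or "").lower()
    except ValueError:  # e.g. an unbalanced "[" in the host part
        return ""

def phishing_indicators(msg):
    """Return address, link and attachment inconsistencies found in an EmailMessage."""
    dom = lambda h: parseaddr(str(msg.get(h, "")))[1].rpartition("@")[2].lower()
    found = []
    if dom("Reply-To") and dom("Reply-To") != dom("From"):
        found.append(f"replies go to {dom('Reply-To')}, not to sender domain {dom('From')}")
    body = msg.get_body(preferencelist=("html", "plain"))
    for href, shown in Links(body.get_content() if body else "").links:
        shown = shown.strip()
        # Compare only when the visible text itself looks like a URL or hostname.
        if "." in shown and " " not in shown and host(shown) != host(href):
            found.append(f"link shows {host(shown)} but opens {host(href)}")
    found += [f"risky attachment {p.get_filename()}" for p in msg.iter_attachments()
              if (p.get_filename() or "").lower().endswith(RISKY_EXT)]
    return found

SAMPLE = EmailMessage()  # constructed message; every address and domain is a placeholder
SAMPLE["From"] = "Example Bank <support@example-bank.test>"
SAMPLE["Reply-To"] = "collect@mailbox.test"
SAMPLE.set_content('<a href="http://login.phish.test/v">www.example-bank.test</a>', subtype="html")
SAMPLE.add_attachment("placeholder", filename="invoice.pdf.exe")
```

Calling `phishing_indicators(SAMPLE)` reports all three problems in the constructed message; the hostname comparison is exact, so a link that shows `example.com` but opens `www.example.com` is also reported and needs a human look.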

Terry Cutler

I’m Terry Cutler, the creator of Internet Safety University, an educational system helping to defend corporations and individuals against growing cyber threats. I’m a federal government-cleared cybersecurity expert (a Certified Ethical Hacker), and the founder of Cyology Labs, a first-line security defence firm headquartered in Montréal, Canada. In 2020, I wrote a bestselling book about the secrets of internet safety from the viewpoint of an ethical hacker. I’m a frequent contributor to National & Global media coverage about cyber-crime, spying, security failures, internet scams, and social network dangers families and individuals face daily.