Cyber-criminals have become more sophisticated at delivering spam and malware, launching phishing attacks and using other hacking techniques to steal users’ data for misuse. According to a report, around 129.9 million phishing attacks were detected in the latter half of 2019, and a lack of phishing awareness could have been a main cause. Today, spamming and phishing attacks have risen to a new level because of two main factors:
- Negligence in cyber-security awareness
- Lack of knowledge about advanced cyber-attacks
To overcome these factors, it is very important to spread awareness about phishing and to follow phishing prevention best practices.
How to prevent phishing?
Recently, Cheers Exhibition in Al Quoz 2, Dubai, faced a phishing attack and lost $53,000 to an email hacker. The hacker compromised the company’s email account and used it to send spoofed payment emails to the company’s clients, asking them to transfer the amount to an overseas account instead of a local bank in Dubai. One of the clients fell for the email and followed the instructions to wire the money, which resulted in a huge loss for the company.
Isn’t it alarming? But you know what, these attacks can be easily avoided just by following simple phishing awareness tips!
Guide to Common Phishing Awareness Tips:
- Create Phishing Awareness Among Employees
The most common reason an organization faces a phishing attack is a lack of awareness among its employees. Humans are the weakest link in an organization’s security chain, so it is important to educate them about such cyber-attacks and their consequences. Awareness can be built by running dummy replicas of the latest attacks to keep employees alert.
- Not All Attachments are Friendly
The purpose of phishing attacks is to acquire financial and personal data through various unethical strategies. One of these strategies involves malware. Hackers send spoofed emails that contain malicious attachments or links that redirect to malicious pages. One can avoid these attacks by not being lured into clicking such links or opening such attachments.
- Double-Check The Brand Names and/or Trademarks
Phishers trick users by sending emails that carry a brand name and logo. Victims unknowingly fall for such emails, believing them to come from a legitimate source. Always double-check before providing your details in response to suspicious-looking emails.
- Look Out for “Urgent” or “Warning” Subject Lines
Ignore irrelevant emails whose subject lines claim an “urgent payment request” or ask for a “password check”. Such subject lines are used to entice users into providing their personal information. Invoking urgency or fear to get the victim’s attention is quite a common phishing tactic.
- Cyber Attack Simulating Tool
Tools like ThreatCop by Kratikal offer cyber-attack simulation for the employees of an organization. The purpose is to assess their cybersecurity vulnerability posture. This beneficial tool not only prepares them to stay alert to cyber-attacks but also makes them aware of the latest cyber threats spreading over the internet.
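The brand-name and “urgent” subject-line tips above can also be applied automatically to incoming mail. The following is an added example, not code from this article or from any tool it mentions: it flags a message whose display name uses a brand while the sender address is on another domain, whose subject uses pressure wording, or whose replies go to a different domain. The brand allow-list, the phrase list and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed allow-list: brand name -> domains that brand really sends from (constructed).
BRAND_DOMAINS = {"examplebank": {"examplebank.example"}}
# Pressure phrases from the tips above, plus one common variant (assumed).
URGENCY = re.compile(r"\b(urgent|warning|immediately|payment request|password check)\b", re.I)

# Constructed sample messages, not real mail.
SAMPLE_PHISH = """From: "Example Bank Support" <support@examplebank-secure.example>
Reply-To: helpdesk@mailbox.example
Subject: URGENT payment request - action needed

Please confirm your details.
"""
SAMPLE_OK = """From: "Example Bank" <statements@mail.examplebank.example>
Subject: Your monthly statement is ready

Hello.
"""

def triage(raw_message):
    """Return a list of reasons the message deserves a second look."""
    msg = message_from_string(raw_message)
    reasons = []
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    # Tip: brand shown in the display name, but the address is not on the brand's domain.
    squashed = re.sub(r"[^a-z0-9]", "", display.lower())
    for brand, domains in BRAND_DOMAINS.items():
        trusted = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in squashed and not trusted:
            reasons.append(f"display name uses '{brand}' but sender domain is {domain}")
    # Tip: subject line built around urgency or fear.
    hit = URGENCY.search(msg.get("Subject", ""))
    if hit:
        reasons.append(f"subject uses pressure wording: '{hit.group(0).lower()}'")
    # Extra check: replies are routed to a different domain than the visible sender.
    _, reply = parseaddr(msg.get("Reply-To", ""))
    if reply and reply.rpartition("@")[2].lower() != domain:
        reasons.append("Reply-To domain differs from From domain")
    return reasons

if __name__ == "__main__":
    for name, sample in (("phish", SAMPLE_PHISH), ("ok", SAMPLE_OK)):
        print(name, triage(sample))
```

A message sent from a genuinely compromised mailbox, like the one in the Dubai incident above, would pass the sender-domain check, so an empty result here is not proof that a message is safe.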