04 Aug Train your users NOT to click
ATTENTION. Imagine being the employee who authorises a money transfer because an email, which you thought was legit, told you to do so. Your error has cost the business you work for thousands of dollars.
Or, imagine clicking on a download link in a well crafted phishing email and opening a virus which encrypts all critical business data, causing hours of downtime, loss of data, productivity and income.
How do you think you would feel?
As an employer, we believe you have an obligation and duty of care to ensure your employees are well trained to identify fraudulent emails.
Phishing email campaigns are rampant and have existed for years with no sign of slowing due to their effectiveness. Hackers leverage the brands of large and commonly known businesses like Australia Post, DHL, FedEx, NAB, ASIC, ATO, AGL and Origin Energy (some of the most recent examples) and trick the recipient into opening a malicious attachment or clicking on a fraudulent link to download a malicious file.
Spear Phishing is a much more refined concept where the hackers will target a business, identify key personnel; usually a Director or CFO and craft an email requesting an urgent transfer of funds to a defined bank account.
Training your team members how to spot dodgy emails brings business owners peace of mind. Your staff will know what to look out for and how to cross check or discuss internally before actioning an email, simple steps which can save you money, time and stress!
Other benefits include:
- minimised risk to your business
- more savvy users
- increased awareness which could extend to other attack methods
- internal collaboration and knowledge sharing
- increased business continuity
Author: Shaun Atkinson
Shaun is the head of engineering at OtiumTech. He is passionate about Cyber-Security and finding ways to push SME’s forwards into new technologies.