We have all heard about major companies falling victim to phishing attacks, but for some reason, many of us think that our businesses won’t be affected. Why is this? Perhaps a certain ignorance to the rising problem of phishing attacks, or maybe your company has put measures in place already to deal with such a problem should it arise.
Many experts agree that a lack of knowledge about phishing attacks is the problem. And it’s not just the main IT department that need to be aware of the issue, but all employees within the company so that if they are targeted, they know how to respond to the phishing email.
Statistics from a UK website are indicative of a worldwide trend. It stated that 44% of IT professionals declared that their employees were their company’s “biggest spear phishing liability”. No one is safe from these attacks; 44% of attacks targeted IT staff, 43% were targeted at finance staff and 29% sales staff. CEOs were also targeted by 27% of total attacks.
And it really is a problem your business should be facing. 84% of respondents in the survey admitted that their network had been successfully breached by a phishing attack in the last year. Additionally, 90% of these attacks came via email, 48% via mobile platforms and 40% via social networks. It’s a threat your business can’t ignore.
So, what can you do? The first call of action is to inform yourself and your employees on the nature of phishing attacks, what a phishing email can look like, and what to do if anyone receives an email that they believe could be suspicious. Perhaps hold a companywide meeting, or send around a comprehensive phishing information pack.
The next thing to do is prepare a plan for if your company security is breached. Look at what other major companies have done in the wake of a phishing attack – Wonga for instance set up a fraud hotline to help customers who were concerned that they had fallen victim to a scam that was using Wonga’s brand image to dupe web users. Wonga also released information quickly on its website to inform even those unaffected so that they could watch out for any suspicious message coming their way.
You’ll want to maintain customer trust in your brand, which can sometimes be affected if you have not responded well to a phishing attack. Always keep customers at the forefront of your minds – have back up servers available to move data for its own protection if you need to. If your employees’ data is at risk, you’ll want to transfer this too. Also, remember to get an expert’s advice on email spam filters and so on.
Remember – you are not untouchable. Hackers are finding new and sophisticated ways of getting around spam filters and tricking employees and customers into falling for their latest scams. Be informed and prepared and your business is better versed to deal with any future phishing problems.