Any business in operation today needs to keep modern realities concerning cybersecurity at top-of-mind if they are going to successfully maintain the business going forward. One major issue to be cognizant of is the increasing prevalence of phishing attacks.
Did you know that, in 2018, phishing attacks had increased by 269 percent as compared to 2017? Furthermore, phishing was involved in 32 percent of all reported data breaches that year. Businesses located in the United States also seem to have the most to be worried about, as almost 86 percent of phishing attacks were leveraged against American targets.
It’s No Wonder that Phishing is Being Addressed During NCSAM
NCSAM, or National Cybersecurity Awareness Month, is meant to encourage awareness of cybersecurity practices and behaviors in an attempt to promote them. This year’s lessons cover many basic cybersecurity practices – including how to identify and avoid phishing attempts, reinforcing the 2019 theme of “Own IT. Secure IT. Protect IT.”
Of course, we can also help you out by giving you some actionable best practices now.
- Be wary of unsolicited or unexpected messages – One of the biggest clues that something is a phishing message is that it will likely appear out of the blue. If you suddenly get an email “from Amazon” that says suspicious purchases have been made on your account and you need to re-verify your payment credentials, think about it for a second – have you received any other emails from Amazon in regard to these purchases, as in delivery schedules or order confirmations? The same concept applies to emails that come from any sender. Before you interact with one of these emails, try reaching out to the supposed sender through some other means to confirm.
- Avoid unanticipated links or attachments – Cybercriminals have become irritatingly clever in how they deliver their attacks and malware – not only delivering a convincing argument via phishing, but hiding executable malware inside documents that activate when the attachments are opened or delivered via a bad URL. Unless you were anticipating a link or attachment in an email, you should always be hesitant to click on them – at least until you’ve confirmed their legitimacy through another form of communication.
- Check the details – Make sure that the email is actually coming from where it should. Cybercriminals will sometimes create fraudulent emails that, at a quick glance, look similar enough to the real McCoy that a user may not spot the difference. Is the address from “[email protected],” or from “[email protected]”? Look at the second option closely. G-R-N-A-I-L probably isn’t the mail service your contact uses, suggesting that this email is fake.
While this month may be dedicated to improved cybersecurity awareness, it isn’t as though you don’t have to consider it for the rest of the year.