
Oct 12, 2023
Cybersecurity Awareness: Insights from FBI and CISA ExpertsThis October is Cybersecurity Awareness Month. Understand cybersecurity awareness with insight from FBI and CISA experts and stay vigilant.
Cyber attacks are on the rise each year and can target both small and large businesses alike. Protect your business from phishing attacks.
Cyber attacks are on the rise each year and can target both small and large businesses alike. Small businesses are just as susceptible to cyber attacks as large corporations, if not more so! Typically, smaller companies lack the robust security infrastructure that larger organizations have making them a prime target for cyber criminals.
One of the most common cyber attack vectors for small businesses is a form of social engineering known as phishing. Since phishing leverages human error, anyone can be a target.
Phishing schemes can often fly under the radar of major media attention but still cause costly and devastating damage to businesses.
These attacks come disguised as seemingly legitimate communication, usually posing as a company or person you know and trust. When delivered via email, phishing attempts often create a sense of urgency and a call to action, such as clicking a link or opening an attachment. In addition, phishing may also arise as a phone call (vishing) or via SMS messages (smishing).
Phishing scams normally try to:
Phishing can lead to business email compromise attacks, where hackers take over the mailbox of a specific individual. If a hacker gets into your email, contact list, or social media, they can spam people you know with phishing messages seemingly from you. Trust and urgency are what make phishing so deceiving and dangerous. If the criminal can convince you to trust them and to take action before thinking — you’re an easy target.
A study by Stanford University found that 9 in 10 corporate data breaches are caused by employee mistakes in falling for these cyber attack schemes.
One predator group, REvil, is estimated to have collected $100 million in fraudulent payments from cyber attacks and phishing schemes in the first six months of 2021 alone. These attackers then use their earnings to purchase more expensive and advanced tools to further compromise larger, more secure networks. The cycle continues.
Based on National Cybersecurity Alliance and CybSafe’s Annual Cybersecurity Attitudes and Behaviors Report in 2021, 64% of workers claim to have no access to cybersecurity training. Even more startling, nearly a third (27%) of those who do have access, chose not to use it.
This is cause for major concern within an organization considering statistics show 1 in 3 people are or will be the victim of a cybercrime. With more businesses than ever finding a dependency on digital operations, knowing how to protect yourself and your operations is essential.
Many cyber attacks can be combatted and prevented simply by educating your employees on proper cybersecurity hygiene and being vigilant in your digital safety. Oftentimes, employees simply do not understand the severity of a cybersecurity threat and do not know what to look out for or beware of.
Take the first steps in protecting your business from phishing attacks by:
Take a proactive approach to build a culture of security within your organization.
Employee training and education is a great point of frontline defense against phishing attacks. Oftentimes, cyber insurance policies include valuable risk management resources such as employee training courses to mitigate the risk of phishing attacks and other forms of cyber crime.
Speak with our cyber insurance experts at Morris & Garritano to learn about what risks your business might be facing and find customized coverage to suit the unique needs of your company.