Despite the many tools in place to prevent your company from hacking attacks they usually do not disrupt phishing attacks from occurring.
In a nutshell, a phishing attack is a fraudulent message, usually in the form of an email, which lures users into clicking a link or revealing important information like passwords or credit card information.
Often times the links in turn either leads the victim to a malicious website to capture their information or initiates a malicious download.
Phishing attacks continue to be a menace to employees and businesses. They continue to be so successful because these attacks are targeting innocent victims who can’t tell the convincingly real emails are fake.
VALUE OF STOLEN CONTENT
Looking at the total value of passwords and credit cards belonging to thousands of individuals makes it is easy to understand why phishing can be so lucrative.
Stolen information is often sold in shady online marketplaces several times, where they will then be purchased by identity thieves.
Cybercriminals then use the information to carry out credit card or banking fraud and other fraudulent transactions in the person’s name and often ruins their credit history.
The cost of a single piece of stolen personal information can range from a few dollars to thousands of dollars, depending on the specific information that has been obtained.
For example, a random credit card number can cost $5; a medical record, $50; and a bank account credential, $1,000.
The goal of most phishing attacks is to acquire what is known as personally identifiable information, or PII. This information includes data that, either individually or combined with other relevant data, can be used to identify an individual.
Examples of this kind of data would include social security numbers, bank account numbers, credit card numbers, medical records, educational records, mailing addresses, biometric records, and so on.
TIPS TO KEEP YOUR COMPANY SAFE
Here are a few tips to help keep your business safe from phishing emails landing in your inbox.
- Look for typos
- Look at the source of the email (ex: USABank@yahoo.com)
- Hover the link url to see where it goes
- When in doubt call or contact the company directly
Graphic Source: Inspired E-Learning Phishing Facts