9 out of 10 phishing emails contain ransomware, and 91% of data breaches start with a phishing attack.
The consequences of ransomware and data breaches can be severe for a company's bottom line and reputation.
Is it possible your employees could fall for scams like these? If you're not sure, you might want to phish them yourself to find out. Phishing is an effective method for cybercriminals to make money because it gives attackers more control than simply placing traps on the web and hoping that people will fall for them.
Without being able to tell which emails are real and which are fake, victims are more likely to engage with them.Spear-phishing tactics are used to catch the recipient's attention by gathering information from online profiles like friends names, locations, and other available personal information, which also helps legitimize the scam.
As a result, a person's risk of falling victim to these attacks increases greatly, and the value per victim goes up as well.
The most prevalent mass phishing attacks of 2016 mimicked popular brands like Apple, Microsoft, Google, and also some banks and social media sites.
Your cybersecurity strategy must cover people, process and technology. Training users and providing cues and reminders that an email may not be legitimate are ways to address the people aspect of this.
To really keep them on their toes and provide real-time training opportunities, you should phish them yourself.
Take the first step to identifying weak points in your security by phishing your end users. We can set you up with your first phishing test (free of charge) if you sign up online.