Social type cyber security attacks were utilized in 43% of breaches in 2016. That includes, malicious emails, social Website links, and other types of attacks that lure employees to provide private data (like passwords) for mostly financial gain. Email Phishing is the most common social attack. (93% of social incidents). 28% of these attacks are targeted at high value targets like CEOs, CFOs, finance departments etc.
Common impacts of phishing attacks include:
- Access to bank accounts including unauthorized bank transfers
- Access to online payroll accounts and subsequent payments to non-employee bank accounts
- Malicious Software installation
- Other type of personal account access and theft of underlying assets
How to Prevent Social Engineering & Phishing Attacks?
Well, let’s put the blame where it belongs. Human Error. The latest studies show that over 10% of people will click on links or attachments in phishing emails. Those are not good odds.
1. Train Your Employees and Management Teams
Let’s start with the elephant on the table. What we need is online cyber security training, phishing simulations and ongoing reinforcement aids. The program needs to be adaptive to different groups in your company and available all year. Until now this was either not available or too expensive to deploy cyber security training.
Well the world just changed and complete cyber security training is available now at a price less than your PC antivirus.
Smart companies are using cyber security training to plug a huge hole in their security.
2. Improve our Core Email and Web Security
The best way to provide strong email and web security is to implement and manage enhanced security solutions.
- Implement a strong UTM firewall with APT Protection and properly configure it
- Strong Email security incorporating (Anti-malware, Anti-Spam)
- Next Generation endpoint security (Zero-day protection, Anti-Ransomware capabilities)
- Use 2-Factor authentication on key company accounts
- Cloud Application Security solutions (like CASB)
- Add cyber security training with phishing simulations. It is available, affordable and easy to implement.
- Reinforce your core security especially as it related to email, phishing and malware.
- Enlist a security expert to help you. They can help with:
Contact us – We can help.