Phishing attacks are on the rise and more than doubled from 2013 to 2018. In 2018, 64% of businesses experienced a phishing attack, costing nearly $2 million per incident. 1 in 3 consumers will stop supporting a business after it has undergone a security breach, and 74% of hackers say they’re rarely impressed by an organization’s security measures. Knowing this, it’s urgent for businesses to improve their security tactics. The best route to doing so is through your employees.
Why You Need People, Not Just Firewalls
Your employees are the front line of your business. Most email communication will reach them before it reaches you. However, 72% of employees report that protecting themselves from email attacks has become increasingly difficult since 2016. Hackers have found a niche in the psychology of phishing. The most common phishing email notifications employees fall for are:
- Updated Building Evacuation Plans
- Subject Lines Reading: Invoice Payment Required
- Toll Violation Notifications
Here’s why. An email notifying you of your company’s updated evacuation plans preys upon fear with need-to-know information. An email with an invoice mimics realistic, personalized messages. And a toll violation notification creates a sense of urgency in the receiver.
With 35% of employees unaware of what “phishing” even means, there’s a dire need for additional protocols on top of annual email/cybersecurity training. 1 in 10 employees have clicked a link in a phishing email, and many employees forward the suspicious emails they receive to their IT department. Of all emails flagged by employees, just 15% are actually malicious, and many malicious emails fall through the cracks.
A security breach decreases a company’s productivity by 67% and can cause it to lose 50% of its reputation and 54% of its data. This is why 95% of infosec professionals “recommend” training employees on how to identify phishing attacks in your annual training courses.
People Learn Better Through Practice & Reinforcement
More than half of infosecurity professionals believe training has reduced phishing susceptibility. In fact, 76% of professional phishing victims receive additional counselling from a manager rather than negative consequences.
The Key To Security Is People
In 2018, 93% of security breaches involved phishing attacks. The internet is full of dark alleys, so it’s important to give your employees flashlights to see through its deception. Here are some ways you can loop your employees into your security tactics.
- Train employees to spot phishing attacks
- Give them feedback on their effectiveness
- Give them tools that allow them to apply their training
Phishing can go on to compromise 65% of the victim’s accounts, increase their malware infections by 49%, and cause them to lose 24% of their data. In 2018, 8 in 10 people experienced a phishing attack, 2 in 3 consumers received phishing emails, and 1 in 3 was compromised.
An attack can go on to affect not only the victim’s data but also their personal life. Many of those who were compromised went on to have their social media or email account hacked. Why isn’t looking out for red flags enough?
It’s Tough To Spot a Fake
There’s a reason phishing attacks more than doubled from 2013 to 2018. It’s tough to tell which emails are real and which you should avoid clicking on. Not all phishing attempts make their way to your spam folder.
Today, hackers are getting better at their job. 49% of hackers prefer to exploit human nature (emotions) rather than technology. By doing so, they can do a better job at manipulating the receiver into opening their messages and clicking on malicious links.
In 2018 alone, 83% of people received phishing emails. Time is money – and emails are, too. What are you doing to increase your business’ security? Remember: your employees are your best shield.
Original Source: https://www.phishcloud.com/getting-out-of-the-phish-net/