‘Beware of phishing’ – I’m sure you’ve heard this ominous warning before. But what is phishing really, and how can you protect yourself against it? One of the major issues concerning phishing is that it can be hard to identify; often disguising itself as a seemingly innocuous email or text message. You’ve likely been targeted by a phishing scam by now and might not have even known it.
So, this brings us back to our initial question, what is phishing? Phishing is a cyber-attack that involves the use of emails or text messages to gather personal information with malicious intent. Examples of said malicious intent could be to download malware onto your device or to give over sensitive financial information. The threat of Phishing is not limited to you as an individual, and it is very common for phishing attacks targeting individuals to impact the entire organization they work for. According to Statistics Canada, over two-thirds of businesses allow their employees to use personal devices for business purposes, and in the same report it was discovered that over 20% of Canadian businesses experienced an impactful cyber security incident. These two things are not a coincidence – often our personal devices are far less protected than those in a company setting and are at much higher risk for malicious phishing.
But why are phishing attacks so prevalent you may ask. Unfortunately, cyber-crime is an extremely lucrative enterprise. In 2018 it was estimated that 1.5 trillion dollars of revenue was generated from cyber-crime in 2018, and was linked to some extremely negative activities such as human trafficking, terrorism and drug trafficking. This means that not only can phishing cause your organization to very negative consequences, it can also link your business’ sensitive information to some truly dark enterprises.
So, with all this being said, how can one best identify phishing attempts and how can one defend against them? It has been proven that a two-pronged approach of both individual awareness and comprehensive defensive technology is the most effective way to protect oneself and one’s business.
In terms of individual awareness here are a few tips:
- Educate yourself on the red flags of a phishing email
- Avoid sending sensitive information such financial details or personal identity numbers such as SIN number over email or text
- If you receive a message of any kind requesting sensitive information confirm the request legitimately, by contacting the source
- Always verify links in messages before you click on them
- Implement a robust cyber security awareness program and test your users regularly.
With over 30 years of experience, Microserve understands the risks of phishing attacks. We are familiar with the strategies used to avoid hacking, malware, and social engineering. Contact us if you are looking for more information about avoiding phishing scams and other cyber-security attacks.