Most of us have heard about phishing scams. They’re almost as old as the internet. And right now, they are one of the biggest security threats to your business.
With a whopping 83% of organizations falling prey to successful phishing attacks in 2021, the chances your business will be hit are high. Almost one third of phishing emails are opened. And they’re getting better.
Cyber criminals have appropriated a technique commonly used by ransomware groups, designed to panic people into giving away sensitive information.
The attack begins in a familiar way.
An urgent email appears in your inbox, warning you that suspicious activity has been detected on your account. Perhaps someone is logging in from a new location, or a password change has been attempted.
You’re directed to verify your login details via a hyperlink to access more information.
Are you worried yet?
Perhaps not.
But in a new twist in an old tale, a countdown timer now appears on your screen.
Confirm your details before the countdown ends or your account will be deleted.
Yes, you read that right.
This manipulation tactic is extremely effective. It’s designed to make you panic, so that you act now and think later.
The truth is, nothing happens when the timer reaches zero. But people can’t help but fixate on the ticking numbers. It stops them from doing the things they would normally do, like trying to contact the relevant organization directly through their support number or asking a supervisor for advice.
The page you’re giving your details to is fake, of course. The information will be used by criminals to access your real account. This is something no business wants to face.
It puts you at risk of financial loss and opens the door for data theft. Depending on the particulars of how you run your business, it also potentially puts other accounts at risk.
Your details and any stolen data may even be sold on the dark web for other criminals to use.
No one wants this to happen to them, so here’s how you can protect yourself.
Look closely at the email address the email was sent from. Be on the lookout for spelling or grammatical errors and hover your mouse cursor over any hyperlinks to see where the link will try to take you. Instead of clicking a link in an email, type the address of the website directly into your browser’s address bar.
If you think you may have fallen victim to a phishing scam, it’s imperative that you change your password immediately.
A password manager is a tool that creates long and complex passwords for all your accounts and stores those passwords for you safely. It will autofill relevant login boxes for you to save time, and will recognize if a website is not legitimate, preventing you from unknowingly logging in to a phishing page. We recommend that you use one.
Keep your business safe. Share this information with your whole team. If you want to talk about keeping your business secure online, call us.