Phishing: Is your business prepared?

January 17, 2020

Phishing: Is your business prepared?

Employees are commonly known as the weakest links for any IT environment. They are consistently and ultimately the last line of defense of a cyber related attack. In a recent study, 95% of data breaches have causes attributed to human error.  While the human error can include a wide variety of actions, a majority of them are tied to phishing related attacks. Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity. Phishing also includes trying to deceive a user to click on a link or open a malicious attachment in an attempt to obtain information and/or infect the devices.

In the last year, 76% of businesses reported that they have been a victim of a phishing attack. Further research has determined that approximately 30% of users opened phishing emails. 12% of those who opened phishing emails later opened the infected links or attachments. The cyber criminals are continuously looking at ways to mask and deceive the end user. One common way is masking the attack by utilizing commonly known file times. For example, 38% of malicious attachments are masked as one Microsoft Office type of file or another.

Maintaining a strong cyber security culture, including layered security controls and properly educating, testing, and training the end user is key in combating these types of threats.

At Herbein + Company, Inc. and our subsidiary Financial Outsourcing Solutions (FOS), we have dedicated professionals who focus on information technology, information security, and cyber security 100% of the time. Contact us for a social engineering assessment or cyber health assessment checkup on your organization’s cyber exposures and risks. Read more about our IT Risk Management Services here.

New call-to-action

For additional information, contact us at Article prepared by Jeff Johns.