{"id":8224,"date":"2022-05-15T15:45:06","date_gmt":"2022-05-15T13:45:06","guid":{"rendered":"https:\/\/tekmart.co.za\/t-blog\/?p=8224"},"modified":"2022-05-15T15:45:08","modified_gmt":"2022-05-15T13:45:08","slug":"phishing-protection-how-to-keep-your-employees-from-getting-hooked","status":"publish","type":"post","link":"https:\/\/tekmart.co.za\/t-blog\/phishing-protection-how-to-keep-your-employees-from-getting-hooked\/","title":{"rendered":"Phishing protection: how to keep your employees from getting hooked"},"content":{"rendered":"<span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time-approximately:<\/span> <span class=\"rt-time\"> 3<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span>\n<h2 class=\"wp-block-heading\"><strong>This is a must read for CIOs and other line managers. Share this list of phishing techniques and detection tips to help employees avoid phishing schemes. Plus, review technologies to protect your enterprise from phishing attacks.<\/strong><\/h2>\n\n\n\n<p>By <a href=\"https:\/\/www.techtarget.com\/contributor\/Sharon-Shea\">Sharon Shea<\/a> and <a href=\"https:\/\/www.techtarget.com\/contributor\/Steven-Weil\">Steven Weil<\/a><\/p>\n\n\n\n<p>Phishing attacks are becoming increasingly sophisticated, complex and common. According to a 2020 Proofpoint study, 90% of organizations experienced phishing attacks in 2019. Further, the 2019 Verizon Data Breach Investigations Report found that <strong>94% of\u00a0malware is delivered via email.<\/strong><\/p>\n\n\n\n<p>Such attacks can be devastating for employees and businesses alike. In fact, 32% of 2019 data breaches involved phishing, according to Verizon. And, with IBM reporting the average total cost of a data breach at $3.92 million, keeping employee and corporate data safe from malware, ransomware, identity theft and loss is crucial.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Types of phishing attacks<\/strong><\/h3>\n\n\n\n<p>Phishing, a form of social engineering, involves attackers tricking users into providing access to data and systems. There are several common types of phishing tactics:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Email phishing<\/strong>\u00a0is the most common form. Attackers send emails with malicious links or attachments to infect their targets.<\/li><li><strong>Spear phishing<\/strong>\u00a0is more selective, with attackers sending emails to a specific target.<\/li><li><strong>Whaling attacks<\/strong>\u00a0occur when a high-profile employee, such as the CEO or CFO, is targeted in a phishing scam.<\/li><li><strong>Voice over IP phishing<\/strong>, or\u00a0<strong><em>vishing<\/em><\/strong>, is a phishing scam carried out\u00a0using voice technology, such as over the phone.<\/li><li><strong>Pharming attacks<\/strong>\u00a0occur when a DNS server is tricked into replacing a legitimate cached IP address with a malicious one, thereby redirecting users to the malicious website when they type the legitimate one into the browser.<\/li><li><strong>SMS phishing<\/strong>, or\u00a0<strong>smishing<\/strong>, is a phishing scam executed via text message.<\/li><li><strong>Social media phishing<\/strong>\u00a0occurs when phishing messages are sent via social media platforms.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"898\" src=\"https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration-1024x898.png\" alt=\"\" class=\"wp-image-8225\" srcset=\"https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration-1024x898.png 1024w, https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration-300x263.png 300w, https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration-768x673.png 768w, https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration-800x701.png 800w, https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/targeted-spear-phishing-attack-model-illustration.png 1080w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>How to recognize and avoid phishing attacks<\/strong><\/h3>\n\n\n\n<p>How can these attacks be stopped? Educating employees is the first step in phishing protection. Here is a list of clues end users should be on the lookout for to avoid getting hooked by phishing schemes.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>If an\u00a0unsolicited or unexpected email arrives in your inbox, be sure to do the following:<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Never reply to the message, click on any links or download suspicious attachments.<\/li><li>Never trust an email or website that asks for personal, corporate or financial information. Legitimate companies will never ask for such data via email. If you are concerned about your accounts, contact the organization using a telephone number you know is genuine or by opening a new browser session and typing in the company&#8217;s website.<\/li><li>Never copy and paste links from emails. Also, note that hovering over links to check their validity is not recommended &#8212; hackers can use coding to make the URL appear legitimate.<\/li><li>Never click untrusted shortened URLs, such as Bitly links.<\/li><li>Check for typos. Many phishing emails contain grammatical errors and misspelled words.<\/li><li>Check the sender&#8217;s address. If you don&#8217;t recognize it, be wary. Remember, phishers can forge sender addresses. Check the IP address in the email source code to see if it can be traced back to the true sender.<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe title=\"What is Phishing? How to Spot a Phishing Attack\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/LrFarFrzbD4?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Phishing protection best practices<\/strong><\/h3>\n\n\n\n<p>Unfortunately, user awareness only goes so far in phishing defense. Therefore, technical controls should be considered to help catch phishing attacks. These controls will not eliminate phishing attempts but may minimize them.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" width=\"575\" height=\"660\" src=\"https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/email-spoofing-illustration.png\" alt=\"\" class=\"wp-image-8226\" srcset=\"https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/email-spoofing-illustration.png 575w, https:\/\/tekmart.co.za\/t-blog\/wp-content\/uploads\/2022\/05\/email-spoofing-illustration-261x300.png 261w\" sizes=\"(max-width: 575px) 100vw, 575px\" \/><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Regularly update and patch web browsers. Browser vulnerabilities are often used as part of phishing attacks.<\/li><li>If personal, corporate or financial data must be entered into a website, visit the site by typing it into a browser; never click the link in an email or copy and paste it. Also, make sure the site is secure by checking for a lock symbol in the browser bar or making sure the URL starts with HTTPS.<\/li><li>Install a web browser toolbar or extension to help protect against known phishing websites.<\/li><li>Run antimalware software, and regularly update it.<\/li><li>Use a firewall.<\/li><li>Many groups collect phishing attack data to shut down websites and take legal action against phishers. Phishing scams can be reported to groups such as the Anti-Phishing Working Group via\u00a0email\u00a0or\u00a0its website\u00a0or the Federal Trade Commission via\u00a0its website. In addition, many companies at risk of being\u00a0spoofed\u00a0have an email address to report scams to &#8212; for example,\u00a0Netflix\u00a0and\u00a0Visa.<\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p><span class=\"span-reading-time rt-reading-time\" style=\"display: block;\"><span class=\"rt-label rt-prefix\">Reading Time-approximately:<\/span> <span class=\"rt-time\"> 3<\/span> <span class=\"rt-label rt-postfix\">minutes<\/span><\/span>This is a must read for CIOs and other line managers. Share this list of phishing techniques and detection tips to help employees avoid phishing schemes. Plus, review technologies to protect your enterprise from phishing attacks. By Sharon Shea and Steven Weil Phishing attacks are becoming increasingly sophisticated, complex and common. According to a 2020 Proofpoint study, 90% of organizations<\/p>\n<p><a class=\"more-link\" href=\"https:\/\/tekmart.co.za\/t-blog\/phishing-protection-how-to-keep-your-employees-from-getting-hooked\/\">Read More<\/a><\/p>\n","protected":false},"author":113,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[38,17,219,307,4,128,30,54,3,47,11,266,184,147,284],"tags":[],"class_list":["post-8224","post","type-post","status-publish","format-standard","hentry","category-best-practices-for-data-center-operations","category-cio-resources","category-ctos-quick-reads","category-cybersecurity-risk-assessment-and-management","category-datacenter-news","category-email-and-messaging-threats","category-expert-advise-and-opinion","category-hackers-and-cybercrime-prevention","category-industry-news-and-expert-advise","category-it-managed-services","category-it-management","category-man-in-the-middle-attacks-mitm","category-msps-and-cybersecurity","category-security","category-web-application-and-api-security-best-practices"],"_links":{"self":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/8224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/users\/113"}],"replies":[{"embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/comments?post=8224"}],"version-history":[{"count":1,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/8224\/revisions"}],"predecessor-version":[{"id":8227,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/posts\/8224\/revisions\/8227"}],"wp:attachment":[{"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/media?parent=8224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/categories?post=8224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tekmart.co.za\/t-blog\/wp-json\/wp\/v2\/tags?post=8224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}