Phishing is an innocent-sounding name for a potentially devastating activity. It describes the efforts of hackers and scammers to fool individuals into revealing critical information by posing as a trusted entity. A phisher typically sends out an IM, text message, or email that contains a malicious link. When the duped recipient clicks on that link, bad things happen -- including the automated installation of malware programs or even ransomware that locks up entire drives full of critical data.
More bad guys seem to be enjoying successful phishing trips these days. One report of seven countries revealed that 57 percent of organizations fell prey to successful phishing attempts in 2020. This number represents a mere 2-percent rise since 2019. In the U.S. however, 74 percent of organizations suffered from successful phishing attempts, a 14-percent jump over the previous year. Some 35 percent of the American phishing victims (twice the percentage of other countries in the report) sustained immediate financial losses.
How can your organization avoid getting caught on the end of someone’s phishing line? First and foremost, educate your team on how to detect little details that indicate a phony source, such as an incorrect domain name or spelling/grammar errors that the genuine source would never make. You should also teach your employees to be instinctively leery of requests for information and attachments or inline links in messages.
Of course, it’s always possible for a phishing attempt to pass superficial inspection. That’s why you should also implement two-factor authentication for sensitive programs. In addition to supplying one set of login credentials over one workplace machine, 2FA requires another response from an authorized user’s smartphone or other personal device.
If you need professional help in your anti-phishing efforts, contact Gravity Systems. Our Austin IT services experts can provide everything from professional guidance to beefed-up security safeguards.