Cyber criminals are targeting business owners with phishing attacks! Listen to this episode that's all about phishing simulation for tips on how you can protect yourself
Who is that email really from?
A phishing simulation is a technique to force staff within an organisation to prove that they can recognise phishing emails.
It also aims to remove any risk of becoming victim to a phishing attack from their day to day working practices.
Security breaches at several major companies have been linked back to phishing attacks.
Cyber criminals break into systems by luring someone with a login or other sensitive information through a fake email message.
Often, those messages are actually sent from the inside of an organisation as unsuspecting employees provide access by clicking on links or downloading infected files attached to phishing emails .
As part of the phishing simulation process, phishing emails are sent from phishing simulation services to test how staff within an organisation behave when presented with that phishing email.
Are you over-sharing on social?
Cyber criminals have been known to use social media to spy on employees and figure out the best times to attack businesses.
Phishing simulation works by posing as a fake company or service.
It’s usually an email that mimics a real website or service that employees might interact with every day.
It could be their web mail provider, online banking service or even their cloud based services.
The idea is to catch them off guard and obtain their passwords and login details.
Click the player below to listen via your favourite app
When carried out properly by phishing simulation experts, they can be trained to spot these attempts that exploit their trusted relationships with real services and businesses they interact with every day.
It is important phishing simulation experts phish in a way that they can properly monitor how employees respond.
For example, phishing emails are designed to appear like the real deal with little or no error messages to tip off its victims that it is fake.
Time to get battle ready in the fight against phishing
Similarly, phishing email messages often request information by posing as an official body such as a bank requesting access codes and passwords for reasons of verification.
This practice is known as vishing (voice phishing) when carried out over the phone .
With this in mind, and now knowing how sophisticated these hackers have become, can you really afford NOT to listen to the latest episode of “Techcess”?
Listen to the podcast episode by clicking on the player below:
Mark Riddell’s “Techcess” interview with Robert Hall also features the debut round of “The Techcess Ten” – ten questions geared towards learning more about the wonderful guests!
Want to learn more about phishing?
Check out episode six of Techcess in which Mark goes into even more detail about what you need to do to protect yourself from a phishing attack!