LOUISVILLE, KENTUCKY
ATLANTA, GEORGIA
CHICAGO, ILLINOIS
CINCINNATI, OHIO
DENVER, COLORADO
MADISON, WISCONSIN
RARITAN, NEW JERSEY
TORONTO, ONTARIO
NOIDA, INDIA
HYDERABAD, INDIA

V-Soft's Corporate Headquarters

101 Bullitt Lane, Suite #205
Louisville, KY 40222

502.425.8425
TOLL FREE: 844.425.8425
FAX: 502.412.5869

Denver, Colorado

6400 South Fiddlers Green Circle Suite #1150
Greenwood Village, CO 80111

TOLL FREE: 844.425.8425

Chicago, Illinois

208 N. Green Street, #302, Chicago, IL 60607

TOLL FREE: 844.425.8425

Madison, Wisconsin

2810 Crossroads Drive, Ste. 4000
Madison, WI 53718

TOLL FREE: 844.425.8425

Atlanta, Georgia

1255 Peachtree Parkway Suite #4201
Cumming, GA 30041

TOLL FREE: 844.425.8425

Cincinnati, Ohio

Spectrum Office Tower 11260
Chester Road Suite 350
Cincinnati, OH 45246

Phone: 513.771.0050

Raritan, New Jersey

216 Route 206 Suite 22 Hillsborough Raritan, NJ 08844

Phone: 513.771.0050

Toronto, Canada

1 St. Clair Ave W Suite #902, Toronto, Ontario, M4V 1K6

Phone: 416.663.0900

Hyderabad, India

Incor 9, 3rd Floor, Kavuri Hills
Madhapur, Hyderabad – 500033 India

PHONE: 040-48482789

Noida, India

H-110 - Sector 63 ,
NOIDA , Gautham Budh Nagar ,
UP – 201301

Phishing is Putting Your Business at Risk

fish hook

Phishing is happening every day as employees are tricked to taking the bait and giving access or sensitive data unsuspectingly to those that seek to do your business harm. Your sophisticated security measures don’t stand a chance if your employees click on malicious links they believe came from friends or clients ending up giving away the keys to your business. Cyber criminals are phishing your employees right now, today, at this moment, and here we offer some insight in what we hope makes you more aware and less likely to take the bait. 

Good Cybersecurity Doesn't Guarantee You're Protected

Companies spend millions of dollars on cyber security and obtain an array of security products but unless you pay attention to the human element, you are missing the boat. We, humans, are the weak link in the infosec chain and hackers know it.

In the context of IT security, social engineering refers to the malicious attempts by hackers to get people to perform or act in ways they usually would not - ultimately giving up access to sensitive information. Everything from PII (personally identifiable information) such as birthdates, credit card info, usernames/passwords, etc. to proprietary company information is sought by hackers. A favorite attack used to garner this information is phishing

Phishing Explained

Phishing has been around since the mid 1990’s. It’s still a preferred method by hackers because it’s easy to use and it works. Phishing kits, complete with mailing lists can be purchased on the dark web. Although texting and telephoning could be used, the most popular vector or delivery vehicle of a phishing attack is email. 

phish·ing ˈfiSHiNG noun  |  the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers."

 A classic example of phishing is a bogus email appearing to be sent from a major bank asking the user to click on a link that directs users to a cloned website where the user enters username/password. Now bad people can access your bank account. Phishing is also used to deliver malware such as ransomware by the same means of prompting users to click on links to seemingly safe websites sent from my friends or institutions.

busienss phishing security discussion at a computer

Phishing Protection for Your Business 

Since we humans are the target of these phishing attacks, wouldn’t it be great if we could spot these malicious emails? Using common sense will aid in the detection of phishing attacks as many attacks urgently prompt a user to click on a link.

  • Emails from unknown senders with poor grammar and misspelled content are a giveaway.
  • Monitor your brand through Google Alerts so when your company name shows up online you receive an email allowing you to find mentions you might otherwise miss. 
  • Look for social media impersonators of your brand by doing simple searches. 
  • Implement strong anti-spam management
  • Train employees and protect an organization from phishing by performing regular phishing tests.

These phishing tests may be the most effective and can be initiated internally to not only determine who would most likely put the company at risk in the event of a real phishing attack but also train employees as well. Tests can be fun while improving the company’s security posture. Competitions among employees with gift cards given to those who spot the most phishing attacks with extra training going to those that need it most can be a great way to train and protect at the same time. 

Cyber Security Readiness Assessment


About the Author

Ron Lenox is a veteran of the cybersecurity field and advocate for protecting business client’s networks and information assets. Ron enjoys traveling, college sports and various outdoor activities with family and friends. Wildlife photography is a special passion of Ron's when he is not busy preparing a great steak on the grill.

best cybersecurity company in louisville

 

Topics: Managed Services, Cyber Security

Get tech and IT industry Updates