Why You Should Protect Your Business from Phishing

Posted by Catherine Young

What is Phishing?

The most common types of cyber crimes defy the stereotype of a hacker writing code and breaching firewalls with sophisticated methods. In reality, their methods are fairly simple. They "phish" for a way into your system or to gain access to your personal information.

The bad guys will impersonate someone, send an email, and attempt to solicit personal or company information to find a way into your system or even your bank account. Once they get this information, they may use it to do harm to your company, steal data, open credit cards in your name, fake your tax returns, or steal your money.

Phishing Examples and Schemes

There’s no end to the types of phishing attacks hackers will use. They range from emails asking you to click on a link to highly targeted attacks on company CEO’s and CFO’s. Here are some of the most common:

  • Phishing Emails

phishing email may let you know your mailbox is full and you need to click to clear.  You may get a notice that the email you sent didn’t go through and you need to click to resend. You may get a notice from your bank that someone has tried to hack into your account and, you guessed it, you need to click to verify information. Clicking will launch malicious malware which can infect your computer and give the bad guys access to your data. In some cases, it will launch Ransomware, which locks up your data until you pay a ransom.

  • Phishing Websites

The schemes have evolved to include setting up fake websites that emulate legitimate sites. After clicking a link, you will be taken to a website that looks just like your bank, for instance, and told you need to log in to fix whatever problem they made up to get you there.  

  • Social Media Phishing

Hackers will also use social media to spread their malicious links. Either by sending personal messages that appear to be from someone you know, or just posting a link and sharing it. A recent social media phishing attack was launched by promising users’ early access to Facebook tools, like the rumored "dislike" button.

  • Spear Phishing
Spear Phishing involves a highly targeted attack. This nasty email will use a specific formation that the scammers have researched. They might spoof an email address from someone you know and use personal information to get that click on a link or attachment.
  • Whaling
Whaling is when they take spear phishing to the highest levels of your company by targeting C-level executives. A CFO might get an email appearing to come from the company’s CEO authorizing a wire transfer. This technique has been especially effective leading to more than $1.2 billion in losses in the last two years alone.
  • Charity Phishing
Playing off a disaster in the news, this scam used an email solicitation for donations to help what sounds like a legitimate charity.

The Phishing Landscape Today

The FBI has an acronym for this type of fraud. They call it BEC (Business Email Compromise). In 2017, the FBI said this type of fraud accounted for $676 million. More than 300,000 U.S. businesses were hit with phishing attacks and other cyber-crimes. The number of attacks and the amount of damages nearly doubled from the year before.

Even though people know about phishing attacks, they continue to be successful. In a controlled test, 23% of employees fell victim to phishing emails. 11% of people who should know better-opened email with a malicious attachment.

The bottom line is that the number of phishing schemes continues to grow dramatically.  As awareness has grown, the hackers have become more sophisticated in their skills.

Your Business is at Risk, and Your Business Reputation is on the Line

If you think your business is safe, you may want to think again. It’s your money and your business reputation that is on the line. A recent consumer study revealed that 87% of those surveyed would not do business (or were likely not to do business) with companies that had been breached and personal data had been stolen.

In addition to hard costs and loss of consumer confidence, you may also face:

  • Lawsuits 
  • Negative media reports and social media
  • Disruptions to your business process

It may also cost you your job. Execs at high profile companies like Yahoo, Equifax, Sony, Uber, and others lost their jobs after hacks were reported.

The Best Phishing Solution Available

Inky® Phish Fence is the most comprehensive email phishing and malware protection on the market today.  Using sophisticated machine learning and algorithms, it provides an email protection gateway that blocks even deep-sea phishing attacks that other systems can’t.

Topics: phishing, phishing solution, what is phishing, business reputation