Could Your Employees Identify a Spear-Phishing Email?

Updated 11/06/2021

Cybersecurity

Just yesterday I heard yet another story of a business executive who mistakenly authorized a large payment to what he thought was a legitimate vendor. It wasn’t until a month later, when the real vendor called about the late payment, that he realized he was the victim of a spear-phishing scam.

65% of organizations have experienced a spear phishing attack in the last 12 months*

Cyber criminals can easily find information about you, your employees, and vendors through internet search and through social media accounts.

Using a technique called “social engineering” they will cleverly disguise an email pretending to be one of your trusted vendors asking for payment or banking information.

Often these emails have the branding and tone of the vendor, making it difficult for you or your employees to know that they’re being phished.

Anyone Can Be Fooled, Here’s What You Can Do

When in doubt, make a phone call.

However, NEVER call the phone number in the email. Rather use the contact information in your database to verify any changes in payment requests.

There are other ways too that your employees can help protect your company’s financial and other important data from malicious virus attacks and hackers, so it’s important to invest in detailed, company and industry specific security awareness training.

We can help. Learn more here: https://consilien.com/security-awareness-training/

Sources: https://blog.knowbe4.com/two-thirds-of-organizations-have-experienced-spear-phishing-attacks-in-2021