When you think of a spam email, you might imagine something that can easily be recognized as a scam. Nowadays, it’s not nearly that simple. Spam emails used to be easy to spot due to poor grammar or poor email formatting, but scammers have gotten a lot better at simulating real emails. Even tech-savvy professionals can fall prey to well-crafted scams if they aren’t being careful. In fact, these scams have become so frequent and harmful that the United States Cybersecurity and Infrastructure Security Agency recently declared an “imminent and increased cybercrime threat to U.S. hospitals and healthcare providers.”
It doesn’t help that social distancing and remote working during the pandemic has led many companies to adapt to a completely virtual work environment – and as a result, a huge rise in dependence on new technology to get things done. While this shift has kept people safe physically, inexperience with new tools and less face-to-face interaction has created a lot more opportunity for hackers and scammers to strike. One of the most well-known and increasingly common types of scams is called phishing.
What is phishing?
Phishing is a simple, yet very dangerous type of targeted cyberattack. As with real fishing, victims are “lured” in through emails, texts or phone calls and tricked by phishers into taking a certain action or giving up sensitive information such as passwords or credit card numbers.
Examples of phishing emails that employees may receive:
- A message that appears to come from the company CEO asking to send a wire transfer as soon as possible.
- An email that resembles an official Microsoft message with a link to retrieve undeliverable email. The link sends the user to what appears to be an official Microsoft login screen.
- An email with an attachment to a voicemail. By clicking the attachment link, a virus/malware is discreetly installed on the computer.
The days of installing a single piece of antivirus software on a computer and being secure are over – Now, IT security is about how many layers of protection you can place between yourself and the bad guys. That’s where we come in!
How we protect our clients:
- Install and regularly update normal antivirus software
- Install additional managed detection and response software, monitored 24/7/365, that detects malicious attacks not visible to other antivirus software programs
- Conduct email phishing tests to see where a group of users in the company may be susceptible to phishing attacks
- Provide on-demand training to teach clients how to recognize phishing attacks and what to do when they occur
- Report potential threats without actually having to open the email to avoid malware injection
From financial losses to major security breaches, phishing schemes can cause a lot of damage to you or your organization. Even after people start returning to the office, phishing attacks will continue to happen, and each attack will be more sophisticated than the one before it. At Entec, our professionals implement a combination of advanced technologies and user education to empower our clients to keep their sensitive data secure and spot phishing attacks whenever they come.