The corporate dangers of ‘phishing’

Are you aware of the implications that a ‘phishing attack’ can cause you as an individual as well as your business?

Phishing attacks are one of the most common and prevalent attacks that both individuals and companies can suffer from with it leading to identity and password theft. Dating back to the 1990s, phishing attacks have always been a threat and since 2017, UK businesses have experienced a rise from 72% to 86% in these particular cyber attacks as reported in the UK government Cyber Security Breaches Survey 2020.

What is a Phishing Attack?

The cybercriminals are after your money and identity with the jackpot being access to your company’s IT infrastructure and colleagues credentials through your error.  Spam emails are sent urging the recipient to provide passwords and other information onto seemingly legitimate websites to capture your identity credentials.

What to look out for?

There are some obvious (if you know what you are looking for) signs to look for in a spam email:

An Unknown Sender – If you don’t know the sender, treat with caution and care.

Attention-Grabbing Offers – Have you really just won the lottery? Did someone just offer you a free iPhone? Before you rush to open the email and submit your details think about whether these offers are really too good to be true.

Put Under Pressure – Whether it’s a super deal to take advantage of or a problem with your account, check the source directly rather than interacting within the email as no company or organization will request you to submit your details through an email link and put you under pressure to do such a task.

Incorrect Hyperlinks – A quick and easy way to check a hyperlinks validity is to hover over the link to verify if the URL is correct and legitimate i.e. no misspelling,

Unverified Attachments – The only file type within an email that is safe to click on is a .txt file, anything else could potentially contain viruses or payloads like ransomware.


Who’s at risk?

Password security statistics report that 57% of those that have experienced a phishing attack have still not changed their password management techniques leaving them susceptible to further attacks with the Gen-Z (people aged between 20yrs – 24yrs) being the most vulnerable due to their overconfidence in technology. According to The Harris Poll, 71% of Gen-Z respondents believe they wouldn’t fall for a phishing scam even though only 44% of them know what ‘phishing’ means.

It is not only individuals that are at the mercy of the cybercriminals, but the businesses that these individuals are associated to.  Corporate phishing attacks are even more consequential as it only takes one employee to expose a company’s network to multiple data and password breaches and shockingly 44% of 1700 IT practitioners in the Ponemon Institutes survey were phishing attack victims at work.

How to avoid being attacked?

Applying the most rigid password practices can be challenging and cumbersome. This is where Authlogics can assist with simplifying login/password processes and introducing other levels of security to protect individuals and corporations from cyberattacks. Gartner recently reported that “the rapid adoption of cloud services hugely increases enterprises’ exposure to phishing and other attacks” and this has driven security processes towards multi-factor authentication (MFA) solutions amongst other cloud security controls.

Multi-Factor Authentication offers multiple and complementary authentication technologies (PINgrid, PINphrase, PINpass, Biometrics, and Yubikey) to deliver single-factor, deviceless OTP or MFA in varying combinations all without a password. Authlogics MFA is a complete and easy to deploy solution with password replacement and single sign-on facilities for on-premises and Cloud applications.  The choice of multi-token or tokenless technology has assisted our customers to move beyond passwords to a simpler and more secure environment.

Talk to our Technical team to understand how you can prevent yourself and your organization from being ‘phished’.

Trusted by Governments and Enterprises Worldwide

Where protecting systems and information really matters, you will find Intercede.  Whether its citizen data, aerospace and defence systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organisations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.