Research carried out by Rapid7 has highlighted that 88% of FTSE 250+ companies are not prepared for phishing attacks and have inadequate policies in place for the public email configuration of their primary email domains.
The report has also highlighted that;
With the majority of UK companies employing and relying on digital systems to operate, good cyber security practice is essential. Management should understand this risk and implement a ‘best practice policy’ to mitigate risk to both physical and financial security.
The FBI have also warned of a growing rise in phishing attacks that imitate trustworthy websites. These attackers are using third-party authenticators, in the form of website verification certificates, to reproduce the ‘S’ on the end of HTTP and the padlock symbol. These signs do not necessarily mean that the website is genuine.
The NCSC have published the following guidelines for spotting suspicious emails:
Here are some tips on spotting phishing emails:
Try to check any claims made in the email through some other channel. For example, by calling your bank to see if they actually sent you an email or doing a quick Google search on some of the wording used in the email.
Employees represent the single biggest threat to a company's cyber security, with phishing attacks representing 98% of social incidents and 93% of investigated breaches. Therefore, it is essential not only to understand the risk of phishing attacks, but also to ensure that adequate policies are in place and that staff are educated.
To help protect your business, speak to @GenesisIT about vulnerability tests. We can assess your current IT infrastructure and provide guidance on how to solve any weaknesses in your cyber security policy. We can be contacted on 01482 210999 or by email on [email protected]