How much of a threat is Phishing to your business?
Cyber Wise subscribers are constantly hearing the term ‘Phishing’, you’re probably getting bored of it as much as we are however there is great purpose as to why we keep reminding our users of it. Phishing is one of the greatest Cyber threats with more and more cases of Phishing attacks being reported every day, it is also the number 1 delivery vehicle for ransomware with 85% of organisations suffering from Phishing attacks in 2016. According to a survey by Wombat Security, Phishing attacks were up 13% from 2014 to 2016, 93% of them were intended to infect victims with ransomware with 30% of them being opened by users.
Criminals use many different techniques to trick users into clicking on links or attachments and confidential information such as bank information, account credentials and addresses. One technique criminals use to get bank details is ‘selling’ sold out concert tickets, a scam that over 21,000 people have reported falling victim to in the last 3 years. In that time the British people have lost over £17 million and Action Fraud UK recently tricked 1,500 British music fans into almost buying sold out concert tickets from a fake website they created. The fake website ‘Surfedarts’, which is an anagram for ‘Fraudsters’, was created by Action Fraud UK and the City of London Police to make the public aware of the growing problem.
Music fans from London, Manchester, Birmingham, Cardiff and Leeds were sent emails advertising a new site. The site was purposefully set-up to look like a secondary ticket provider and imitated the way fraudsters offer fake tickets. However not all fake websites look ‘secondary’ with some beginning to look more genuine than ever, a recent fake Gmail login page even tricked some security experts.
Users who entered the website were shown a video, informing them that they almost bought tickets off a fake website and how these types of scams are tricking more and more people every year. The experiment was a brilliant way of finding out how simple it is to create these scams, and just how many people fall for it. It is very similar to a test that Cyber Wise can offer you, so that you can identify the threat that phishing attacks can pose to your business.
Cyber Wise offers educational Phishing attack simulations that are unique to your business, teaching your team everything there is to know about Phishing attacks and informing them of how vulnerable they can be to an attack. Your team receive emails with links that (if clicked) will direct them to a video informing them they were tricked by phishing and most importantly makes them aware of these types of emails. The video will teach your team how to identify phishing emails, the threats pose to your business, and what they should do if they were to spot phishing. You will also receive a vulnerability report that will identify who and how many of your team fell for the scam. Allowing you to make an informed decision about the training required to stay safe.
If you would like to learn more about our phishing simulator and how it can help you, make sure to email firstname.lastname@example.org.