This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Insights Insights
| 1 minute read

Federal Cyber Agency Publishes Infographic about Phishing

'tis the season...to watch out for malicious code and social engineering in enterprise emails.  Actually, it is always the season to watch out for that. To underscore the point, the nation's cyber watchdog (CISA) has released an infographic that it "recommends stakeholders use...to help educate their workforce on how to spot and avoid phishing attacks."  

Note especially the data in Item 3 in the attached: large volumes of malicious emails are not blocked by endpoint or network border protection. Once those emails get in, employees are overwhelmingly likely to interact with them, and underwhelmingly likely to report their interaction.  

Why It Matters

Most organizations still think about complex, high-tech hacks by shadowy actors when they consider cyber threats to their enterprise.  But the fact is that for most small and medium businesses, email is the main threat vector: it's how the bad guys get into, or get information out of, your network. Raising awareness of red flags within your workforce, blocking as many phishing emails as you can, and putting in place simple policies such as requiring a confirming phone call before acting on ANY emailed payment instructions, can save quite a lot of heartache, expense, and legal exposure.  

Within the first 10 minutes of receiving a malicious email, 84% of employees took the bait by either replying with sensitive information or interacting with a spoofed link or attachment.

Tags

data security and privacy, hill_mitzi, insights