This blog provides information on how vulnerable businesses are to phishing attacks and some of the steps you can take to help change this outcome. Would you or your employees pass a phishing email simulation?
Phishing emails are emails which appear to be from a legitimate company, however ask you to provide sensitive data, open attachments or click and open links. These emails are an easy way for attackers to gain information as well as introduce malware or ransomware onto your computer- and even your network.
Globally, it has been estimated that around 8 million phishing emails are opened a day, with 800,000 of those actually clicking on the link within the email. It has also been estimated that around 10% of those who do click the link, provide sensitive data such as credentials or personal information.
During a survey from Wombat Security Technologies, it has been found that 28% of people fail to identify phishing threats. In our opinion employees need phishing awareness training to allow them to fully understand:
- What phishing is
- The consequences of clicking on a suspicious link
- How to spot tell-tale signs of them
- What they should do if they receive a phishing email
Around 70% to 95% of computer infections (malware/ransomware) are a result of users introducing the attack onto their computer- which includes clicking on a phishing email. Wombat state that infections from malware can be reduced from 70% to 45% after users undergo awareness training. This is where Equilibrium can help you.
Test your employees
We are very happy to announce we now offer a phishing simulation service. This will allow us to send out phishing emails and track the users who clicked on the simulation email.
Features of our service:
- Use a range of templates to create emails appearing to be from a range of companies such as Cisco and Amazon
- Redirect users to training sources such as: videos, interactive quizzes and informative sites to help teach employees about phishing after clicking on a link from the phishing email
- Reporting to view which users clicked on links in the email or provided credentials in a phishing login simulation to help target awareness training to the users who need it
We appreciate that you may feel that you have all of the technical mechanisms in place to protect your business against a cyber attack, unfortunately the statistics speak for themselves and people make up one of the largest vulnerabilities a business faces when it comes to a cyber attack.
This service can be a huge help in providing your employees with the skills they need to spot phishing attacks and prevent them from clicking on anything in those emails. As users are a huge part of the security of your network, it is vital that employees have the training they require.