Per numbers released back in April from Action Fraud – the center that reports the UK’s fraud and cybercrime – victims have lost more than £2 million from 862 known coronavirus-themed scams, phishing emails and other forms of fraud in the UK alone.
Phishing emails have been on the rise since the start of the pandemic, as bad actors look to capitalize on the fear, stress and sudden changes in global working environments. Yet, while COVID-19 has contributed to the uptick in phishing attacks, it's not exactly a new problem.
In both 2018 and 2019 phishing attacks were used as the entry point for one-third of all attacks, per IBM X-Force. According to the Verizon Business 2020 Data Breach Investigations Report, 33% percent of breaches in North America were linked to phishing.
The reality is that phishing emails remain the most common way for hackers to gain access to a company’s network. Now, more than ever, employees must stay vigilant, so they don’t fall hook, line and sinker.
How can you educate employees to recognize phishing attempts and avoid becoming the next victim? Prioritize security awareness education.
Start by teaching workers to recognize the signs that a message might not be genuine. Spelling mistakes, poor grammar, topics like unpaid invoices and login troubles, or a time-sensitive matter like open enrollment, are all indications of sketchy intentions.
Employees should also be on the lookout for pretexting – when a bad actor tries to impersonate someone they know in order to gain access to personal information. This could be an individual pretending to be a supervisor, coworker or even tech support.
Conduct regular training sessions with your employees and emphasize these concepts and the need to stay on top of the current threat landscape.
There are a lot of bad actors out there – and even more targets primed for the taking. Companies are confronting almost 1,200 phishing attacks each month – an average of 40 a day – per a survey from GreatHorn. If you can’t discern the legitimate messages from the devious ones, it won’t be long before you take the bait and fall victim to phishing.