Phishing is one of the leading causes of data breaches. Phishing is an e-mail fraud method in which the perpetrator sends a legitimate-looking e-mail, usually impersonating a bank, a vendor or a colleague, in an attempt to trick the recipient into handing over credentials or other personal and financial information, or into opening a malicious link or attachment.
The logic behind this type of attack is a simple reliance on human error rather than on any technical flaw. Statistically, if enough e-mails are sent, a sufficiently large number of recipients who are rushed or distracted will fail to scrutinize the sender's actual address or the real destination behind the embedded link. They will click, enter their credentials on the spoofed page or open the attachment, and give the attacker a foothold in the system. Because sending e-mail costs almost nothing, even a small success rate is profitable enough that phishing continues to be the number one method of gaining initial access to a system.
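The two cues that a rushed recipient skips are the real sender address behind the display name and the real destination behind the link text. The following is an added example, not code from the original post, of a small checker for exactly those cues: it parses a raw message with the Python standard library, compares the display name and sender domain against a list of domains the organization actually deals with, and flags links whose visible text shows one domain while the href points at another. The sample message, the lookalike domain `examp1e-bank.com` and the `TRUSTED_DOMAINS` list are constructed for illustration.

```python
"""Phishing cue checker (added example, not from the original post).

Flags the cues a rushed reader skips: a sender address that does not
match the brand in the display name, and a link whose visible text
shows a different domain from its real destination.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed for the example: domains the organization actually does business with.
TRUSTED_DOMAINS = {"example-bank.com", "corp.example"}

# Constructed sample message: the display name claims the bank, the address
# uses a lookalike domain, and the link text and href point at different hosts.
SAMPLE_EMAIL = """\
From: "Example Bank Security" <alerts@examp1e-bank.com>
To: victim@corp.example
Subject: Urgent: verify your account
Content-Type: text/html

<html><body>
<p>Your account is locked. Sign in within 24 hours:</p>
<a href="http://login.examp1e-bank.com/verify">https://www.example-bank.com/login</a>
</body></html>
"""

HREF_RE = re.compile(r'<a\s+[^>]*href=["\']([^"\']+)["\'][^>]*>(.*?)</a>', re.I | re.S)
URL_RE = re.compile(r'https?://[^\s<"\']+', re.I)


def registrable(host):
    """Crude registrable domain (last two labels); enough for this check."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def sender_domain_flags(from_header):
    """Compare the display name's brand with the domain of the real address."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    flags = []
    if domain and registrable(domain) not in TRUSTED_DOMAINS:
        flags.append(f"sender domain not trusted: {domain}")
    for trusted in TRUSTED_DOMAINS:
        # "example-bank.com" -> brand "example bank"
        brand = trusted.split(".")[0].replace("-", " ")
        if brand in name.lower() and registrable(domain) != trusted:
            flags.append(f"display name '{name}' mimics {trusted}")
    return flags


def link_flags(html):
    """Flag anchors whose visible URL and real href disagree, or go off-list."""
    flags = []
    for href, text in HREF_RE.findall(html):
        href_host = urlparse(href).hostname or ""
        shown = URL_RE.search(text)
        if shown:
            shown_host = urlparse(shown.group(0)).hostname or ""
            if registrable(shown_host) != registrable(href_host):
                flags.append(f"link text shows {shown_host} but goes to {href_host}")
        if href_host and registrable(href_host) not in TRUSTED_DOMAINS:
            flags.append(f"link destination not trusted: {href_host}")
    return flags


def check_email(raw):
    """Return the list of warning strings for a raw RFC 5322 message."""
    msg = message_from_string(raw)
    flags = sender_domain_flags(msg.get("From", ""))
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    flags += link_flags(body)
    return flags


if __name__ == "__main__":
    for warning in check_email(SAMPLE_EMAIL):
        print("FLAG:", warning)
```

Run against the constructed sample, the checker raises four warnings: an untrusted sender domain, a display name that mimics the trusted brand, a link whose text and destination disagree, and an untrusted link destination. A mail gateway applies the same comparisons at scale; the point of showing them in a few lines is that each one is a check a trained user can make by hovering over the link and reading the address in angle brackets.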
In order to avoid succumbing to this type of attack, companies should conduct periodic internal phishing campaigns and security awareness training programs that constantly educate users to scan incoming e-mails, to avoid clicking on links sent from unfamiliar sources, and to verify that even e-mails that appear genuine are in fact from the sender being portrayed. However, because human error can never be eliminated, phishing campaigns and employee training only reduce the number of occurrences. An Incident Response Plan, on the other hand, assumes that data incidents will occur. It gives the organization identified personnel and a step-by-step process for managing early detection, analysis, containment and eradication of a data incident, limiting the time the intruder is in the system and preventing the intruder from reaching critical data.