There have been a number of high-profile cyber breaches that, which upon inspection, were the result of phishing attacks. These malicious e-mails aim to collect personal information and employee credentials to steal intelligence from an organization’s network or to install malware such as a data-stealing Trojan.
Phishing attacks must be convincing enough to bypass security screening and bait a recipient into clicking through to an infected website. Molding workers into hardened cynics to defend against phishing isn’t the path forward. Instead, businesses need to recognize the signs of an attack and train their employees on how to act when even something small is just not quite right. For more details on what companies can do visit Bill Sweeney’s comments on BAE Systems’ blog.
For further information you can email Bill or call Greg Kirsch at (416) 788-2888.