9 Top Tips to Prevent Corporate Phishing Attacks

Corporate Phishing

It is vital for all companies to recognise the role their staff play in the security of information. Corporate employees are in possession of the right credentials (such as passwords, ID documents, usernames and security clearances) and general knowledge which is of utmost importance to anyone trying to breach the company’s security and gain information. One way in which an intruder can gain the said protected information is through phishing. This is classed as any attempt by electronic means to steal sensitive information like passwords, usernames, credit card details, etc., for malicious purposes, by masquerading as someone trustworthy. In a business context, this means getting the necessary information to gain access to otherwise protected networks, data, etc.

The gaining of trust from the victim is crucial to the success of this activity, and since we now live in a digital age, gathering information has become much easier than before. There are various methods of phishing used by attackers which can have a very negative impact on a business and its employees. These include:

  • Sending an email containing an embedded hyperlink which redirects the recipient to a non-secure website which requests sensitive information;
  • Attempting to obtain information by telephone by pretending to be a member of the IT department or a known business contact;
  • Installing a Trojan horse in a malicious email, via an attachment or advertisement, which enables the sender to exploit loopholes and thus steal restricted information. (A Trojan horse is a malicious computer programme, which dupes the user into installing it, by representing itself as a free gift, something useful, entertaining, etc.)

9 Steps To Educate It's Employees About Phishing

In order to prevent such abuse, a company can take the following steps to educate it's employees about phishing:

  1. Conduct training sessions on this topic, with mock phishing scenarios;
  2. Install a spam filter on all company systems which detects blank senders, viruses, etc;
  3. Keep all systems up to speed with the latest security patches and updates;
  4. Install anti-virus solutions, and monitor the anti-virus status on all equipment;
  5. Use a web filter which blocks malicious websites;
  6. Make use of a security policy which includes password expiration and complexity;
  7. Ensure that all sensitive company information is encrypted (this is defined as the encoding of information or messages in such a form that only authorised personnel will be able to read it);
  8. Require that all telecommuting employees have encryption;
  9. Convert HTML emails into text-only ones, or disable HTML ones.

These are just a few of the multiple measures which companies can take against phishing attacks, which threaten their security and integrity. They should keep up with current anti-phishing measures to ensure they can recognise and eliminate new threats as they evolve.  It is just as important to ensure that all employees are aware of these types of threats and how to avoid them. Properly secured systems and informed staff are key in preventing theft of sensitive data from your business through malicious activities of this kind.

Picture courtesy of www.ifsecglobal.com

Recommended Posts | Data Loss Prevention

Secure Your Data

Watchdox Is Here to Secure Your Data

Security and regulation become that much more important these days because there is a continuous increase in the data stored in the cloud which is being used by an increasing number of corporate systems and mobile devices. Watchdox, which specialises in the protection and sharing of enterprise ...
Hybrid Cloud Security

8 Essential Considerations for Hybrid Cloud Security

Data centers may be consolidated utilizing hybrid clouds. Hybrid cloud data storage is a combination of distinct elements with a public cloud provider and a private cloud platform. The infrastructure for a hybrid cloud permits encrypted communication, while each cloud operates independently ...
Partitioning Your Hard Drive

The Benefits of Partitioning Your Hard Drive

Partitioning can be a smart option for home computer users. When you partition, it means that critical data used by the computer will not be stored on the same drive, i.e. the C drive. There are several advantages to this, but the best reason to do it is that it means you won’t lose all your data ...
Prevent Theft or Loss of Your Smartphone

Prevent Theft or Loss of Your Smartphone

Our smartphones accompanies us daily, anywhere we go and is one of the most valuable things we carry. Not only do we carry an electronic device equipped with the latest technology, but we also accompany all our data among which are: our personal information and people around us, our photos ...