Skip to content

Connor Konynenbelt, Cybersecurity Specialist

Here Phishy, Phishy.

Cybersecurity is a world-wide, growing concern. Cybercriminals make it their mission to infiltrate the networks of organizations, large and small. In addition, cyber attacks are occuring every day. These criminals continue to educate themselves to be one step ahead. Unfortunately, the easiest way for them to get into your network is a scam called “Phishing.”

Don’t take the Phishing Bait This Winter

What is Phishing?

Phishing is a form of social engineering that goes back decades. Criminals are sending messages to trick people into divulging confidential, company information. This software can be in the form of spyware, malware, or even ransomware. For example, you may receive an email from the President of your company. It looks and sounds like your President, and he asks for you to complete an important transaction. To the average employee, this is a high honor. The President of your company is asking YOU for a favor! Because of this tactic, many employees have fallen victim to this scam. 

What Does it Look Like?

Phishing is most commonly disguised as an email coming from another institution or person within your organization.  For instance, they are typically asking you to download an infected external link or share disclosed material. Disclosed material could be in the form of banking information, login credentials, or even customer data.

With technology growing at an exponential rate, the sophistication and quality of phishing emails are keeping pace. In addition, we often hear from customers that they receive emails disguised as their organization’s President, asking for money or to purchase gift cards.  

How does this affect my business?

It is important to note; hackers do their research. In other words, they are sophisticated enough to use technology to understand your company, people, functions, and how you interact day-to-day. 

The average cost of a phishing attack for mid-sized companies is $1.6 million.  To clarify, these people do not care about your data. They simply want to sell it for a profit. One minute you could be running your company and preparing for future growth and the next minute you could be paying millions of dollars to a cyber criminal to get your intellectual property back. 

How can I prevent this from happening?

It all comes down to end-user training and risk mitigation. If you aren’t currently working with a managed network services company that specializes in education and risk mitigation, the time is now. Let’s protect your business together.