Phishing is a digital form of social engineering to deceive individuals into providing sensitive information. This is typically done via email, having people click on links that allow hackers to get into the system.
Phishing is the number one attack used against SMBs. Here are some scary statistics to underscore this fact:
- Phishing is the leading cause of data breaches, accounting for 90% of them. (Source: retruster.)
- Nearly 1.5 million phishing sites are created each month. (Source: dashlane blog)
- 76% of businesses reported being a victim of a phishing attack in 2018 (Source: Proofpoint).
- 92% of malware is delivered via phishing emails.
What should SMBs do?
Those are sobering statistics for SMB owners to contemplate. But the good news is that phishing attacks are one of the easiest things to train your employees on how to spot and avoid. Follow these best practices to reduce your likelihood of being breached by a Phishing attack.
- Train your employees on how to spot, avoid and delete phishing attacks;
- Test your employees with Phish Testing attacks; re-train those that fail in your tests.
- Purchase and train your employees on how to use a Password Manager. If you visit a phishing website and try to enter your password credentials using a Password Manager, you will NOT be able to. Employees reusing passwords will absolutely enter their credentials.
- To protect the Internet from phishing attacks using your domain name, setup SPF, DKIM and DMARC records to block the receipt of emails masquerading as your domain name.
Source: NCSD Glossary, CNSSI 4009, NIST SP 800-63 Rev 1
If you would like to learn more about phishing, watch this short video:
Are you doing enough to protect your business?
Sign up with CyberHoot today and sleep better knowing your
employees are cyber trained and on guard!
CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like:
- Cybrary (Cyber Library)
- Press Releases
- Instructional Videos (HowTo) – very helpful for our SuperUsers!
Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.
To view some of our latest Newsletters, start by clicking the links below:
CyberHoot Newsletter – November 2021
CyberHoot Newsletter – October 2021
CyberHoot Newsletter – July 2021
You can also check out some of our popular 2021 Cybersecurity Awareness Month Video Blogs (VLOGs) from October by clicking the links below, or alternatively visit our Vlog page:
Software as a Service (SaaS) — Day 1 of Cybersecurity Awareness Month
Two-Factor Authentication — Day 4 of Cybersecurity Awareness Month
Smishing & Vishing — Day 8 of Cybersecurity Awareness Month
Mobile Device Security — Day 18 of Cybersecurity Awareness Month
vCISO, Why Do I Need One? — Day 30 of Cybersecurity Awareness Month
We are also offering different webinar topics on a weekly basis, below you will find links to the other three weeks of webinars that we offer for free to attend:
CyberHoot Best Practices, Updates, and Q&A – 1st Thursday Each Month
Selling Cybersecurity to Prospects and Clients – 2nd Thursday Each Month
CyberHoot Best Practices, Updates, and Q&A – 3rd Thursday Each Month
Selling Cybersecurity to Prospects and Clients – 4th Thursday Each Month
These webinars are a great way to improve your cybersecurity sales skills or to improve your CyberHoot platform knowledge!