Phishing is a digital form of social engineering to deceive individuals into providing sensitive information. This is typically done via email, having people click on links that allow hackers to get into the system.

Phishing is the number one attack used against SMBs. Here are some scary statistics to underscore this fact:

  • Phishing is the leading cause of data breaches, accounting for 90% of them. (Source: retruster.)
  • Nearly 1.5 million phishing sites are created each month. (Source: dashlane blog)
  • 76% of businesses reported being a victim of a phishing attack in 2018 (Source: Proofpoint).
  • 92% of malware is delivered via phishing emails. 

What should SMBs do?

Those are sobering statistics for SMB owners to contemplate.  But the good news is that phishing attacks are one of the easiest things to train your employees on how to spot and avoid.  Follow these best practices to reduce your likelihood of being breached by a Phishing attack.

  1. Train your employees on how to spot, avoid and delete phishing attacks;
  2. Test your employees with Phish Testing attacks; re-train those that fail in your tests.
  3. Purchase and train your employees on how to use a Password Manager. If you visit a phishing website and try to enter your password credentials using a Password Manager, you will NOT be able to. Employees reusing passwords will absolutely enter their credentials.
  4. To protect the Internet  from phishing attacks using your domain name, setup SPF, DKIM and DMARC records to block the receipt of emails masquerading as your domain name.

Source: NCSD Glossary, CNSSI 4009, NIST SP 800-63 Rev 1

If you would like to learn more about phishing, watch this short video:

Are you doing enough to protect your business?

Sign up with CyberHoot today and sleep better knowing your

employees are cyber trained and on guard!

CyberHoot does have some other resources available for your use. Below are links to all of our resources, feel free to check them out whenever you like: 

Note: If you’d like to subscribe to our newsletter, visit any link above (besides infographics) and enter your email address on the right-hand side of the page, and click ‘Send Me Newsletters’.

To view some of our latest Newsletters, start by clicking the links below: 

CyberHoot Newsletter – November 2021

CyberHoot Newsletter – October 2021

CyberHoot Newsletter – July 2021

You can also check out some of our popular 2021 Cybersecurity Awareness Month Video Blogs (VLOGs) from October by clicking the links below, or alternatively visit our Vlog page

Software as a Service (SaaS) — Day 1 of Cybersecurity Awareness Month

Two-Factor Authentication — Day 4 of Cybersecurity Awareness Month

Smishing & Vishing — Day 8 of Cybersecurity Awareness Month

Mobile Device Security — Day 18 of Cybersecurity Awareness Month

vCISO, Why Do I Need One? — Day 30 of Cybersecurity Awareness Month

We are also offering different webinar topics on a weekly basis, below you will find links to the other three weeks of webinars that we offer for free to attend: 

CyberHoot Best Practices, Updates, and Q&A – 1st Thursday Each Month

Selling Cybersecurity to Prospects and Clients – 2nd Thursday Each Month

CyberHoot Best Practices, Updates, and Q&A – 3rd Thursday Each Month

Selling Cybersecurity to Prospects and Clients – 4th Thursday Each Month

These webinars are a great way to improve your cybersecurity sales skills or to improve your CyberHoot platform knowledge! 

Share this on your social networks. Help Friends, Family, and Colleagues become more aware and secure.