How can you protect your business against phishing attacks?

It’s easy to assume that, as businesses, we are safe from phishing attacks. After all, the fraudsters are targeting individuals – a tech-illiterate older generation who can’t spot the signs of fraud – right? This simply isn’t true. A report from CyberSec found that 43% of the UK SMEs they surveyed had suffered from a phishing attack. With 66% of those attacks being successful. Phishing today is an incredibly sophisticated industry and businesses around the world are at risk. So, how do you make sure you stay protected? Here are some of the ways you can spot a phishing attack and successfully prevent your business from suffering a breach. 

Look carefully at spelling and domain names 

Many (but not all) phishing emails contain errors, spelling mistakes, and poor English. They may also come from a personal rather than a business domain, so 'hotmail.com and 'gmail.com' ddresses rather than a website address. It may seem like something that you would pick up on automatically but when you and your team are busy, it’s easy not to take a moment to consider the emails that hit your inbox. Make sure your people are aware of the common signs of a phishing email and know how to report them. 

Don’t click on unverified links

Often scammers will include a link in an email with the destination disguised through a button. These are often a gateway to malware, like viruses or spyware. By hovering over a suspicious link with the mouse, your team can identify its source. And questionable links should always be referred to the IT team for further investigation. One click is all it takes to undermine the financial and data security of your business, 

Think twice when considering urgent requests

The most persuasive scammers will add a sense of urgency to their requests. They may even claim to be from an IT helpdesk and say that they require information or access to your files to prevent a scam or virus. If someone you don’t know is asking you to do something with an extreme sense of urgency, always take some time to consider why. And never provide access to data or sensitive information you don’t feel comfortable with.

Make sure you have the right security tools and training in place 

One of the best defences in the fight against phishing is awareness. Taking the time to train staff and ensuring they understand internal security procedures and best practice is an investment in the security of your company. This should be supported by expert tools and digital walls of defence. Spam filters, website filters, anti-virus software, they can all add an extra layer of security. However, it is important that you pick defence tools that support your unique business structure and goals – listen to external and internal expertise to ensure you have adequate protection. 

Phishing strategies are evolving constantly and so must your approach to this very real security threat. By staying up to date with the latest scams, strategies, and defence tools you can help your company to stay one step ahead of this destructive industry. 

Looking for a cyber security specialist to help protect your business? We can help. Get in touch to learn more about our cyber security and technology candidates.