Do you and your employees understand the dangers of spear phishing? If not, you could be setting your company up for an online security breach, giving cyber criminals a chance to break into your business’ network. PCWorld recently discussed the very real threat of scammers using fake social network IDs to trick employees into surrendering information that allows these criminals to sneak into company networks.
The PCWorld story pointed out a phishing incident that Websense Security Labs uses as an example: In this attack, a cybercriminal crafted a fake LinkedIn profile of a woman named Jessica Reinsch, who was said to be an employee of a real dating Web site. Jessica Reinsch, though, doesn’t exist. And the criminal behind the fake ID used it to acquire important info from a variety of businesses. The fear? That this criminal could have used this data to hack into business’ networks.
The most chilling part? The PCWorld story should make it clear that many small business owners are woefully unprepared to defeat back phishing attacks, mainly because they don’t spend time to educate their employees on how to recognize them. PCWorld cites a survey by ThreatSim that discovered that nearly 60 percent of 300 IT executives, administrators and professionals in U.S. organizations mistakenly considered phishing to be only a minimal threat.
The reality, though, is phishing is an extremely real threat. The PCWorld story cited the same survey that stated that more than one in four respondents reported a phishing attack that did lead to a material breach in their company networks during the last year. The message? Business owners need to take phishing seriously. And they also need to take real measures to ensure that their employees don’t fall for these scams.
Posted on: 12.24.13