Getting hooked by phishing attacks are costly. In fact, the average cyber attack costs small businesses $53,987. Phishing attacks are the most common. So, how do you not get hooked by one?
We created a short video, highlighting the key elements based on an overviewby CITRIXÂ®published on SmallBizTrends.
[Phishing is] "A type of online scam that targets consumers by sending them an e-mail that appears to be from a well-known source." The scammers pretend to be an internet service provider, a bank, a mortgage company, or other entities. - Federal Trade Commission (FTC)
The FTC provides more information on how to deal with phishing attacks.
Amazingly, about 1 in every 100 e-mails are part of a phishing attack. That's right, you and your employees are likely hit with several a week since nearly a third of phishing emails aren't caught by spam or firewalls. The threat is very real and very common, and they're on the rise. SmallBizTrends reported an increase in phishing attacks of 65% from 2016-17.
Why do they do it? Simple, it works. According to SmallBiz trends, 83% of people were hooked by a phishing attack resulting in some disruption and damage. These ranged from productivity loss (67%) to data loss and reputation damage (both around 50%). They go on to say that "2 in 3 phishing attempts use a malicious link, and over half contains malware".
About ½ of all phishing attacks are malware attacks. These attacks have hidden code which triggers a malicious download. This malware allows the hacker a number of options for ransomware, stealing, spying, and other malicious activities.
Roughly, 4 out of every 10 phishing attacks try to harvest your credentials ,like your password or credit card information for instance. This can wreak havoc to your business or personal credit. However, it's mainly to use you as a trojan horse to attack a larger site with more information.
There are other types of phishing attacks, which SmallBizTrends cited.
The most inexpensive way is to follow the steps outlined in our video. However, that relies on people being vigilant, which can be prone to failure. Amore expensive approach is to purchase an e-mail security platform for your business. Capterra lists several companies, none of which post their pricing. After a little research though, we found that they charged around $5/user/month to protect Microsoft 365 users.
Vigilance. It's important to educate every employee on how to manage their e-mails to avoid these threats. Once they take the bait, they're hooked, and the phishing attack damage is done.
Brian Cairns, CEO of Prostrategix Consulting. Over 25 years of business experience as a corporate executive, entrepreneur, and small business owner. For more information, please visit my LinkedIn profile