The cyber threat employees face the most at work is Phishing attacks, where hackers attempt to steal data from individuals and organisations.

To help stay protected from phishing attacks, it's pivotal that you (reading this) and all your colleagues/staff members know how cyber attackers are operating and remain alert when you notice a suspicious message in your inbox.

If your business has fallen victim to a phishing attack before, maybe you should consider looking closer at a ,Simulated Phishing Exercise and how it can build resilience in your business.

5 Tips to Avoid Being Hooked in a Phishing Attack

Developing good habits online can drastically reduce your chances of becoming a victim of phishing; these habits include:

1. Please ensure staff don't browse the web or check emails from an account with Administrator privileges. Each staff member should have their own account; remember to take advantage of different user roles with privilege levels. This will reduce the impact of any successful phishing attacks.
2. Scan your devices for malware and change passwords as soon as possible if you suspect a successful attack has occurred.
3. Check for obvious signs of Phishing, like poor grammar and spelling or low-quality versions of recognisable logos. Do you know if the sender's email address looks legitimate?
4. Use multi-factor authentication on your important accounts such as email. This means that even if an attacker knows your passwords, they still won't be able to access that account.
5. Criminals use publicly available information about you to make their phishing emails appear convincing. So please review your privacy settings and consider what you post online. Be careful when sharing pictures of your home working setup or your organised office/desk at work! They may give away private information to potential attackers!

Does your business want to raise your staff's awareness of phishing emails? Training your employees on what a phishing attack looks like makes them more likely to identify and report scams. We recommend conducting a ,Simulated Phishing Exercise. This guards your business against the growing trend of social-engineering threats.

We recommend that small to medium-sized businesses sign up for our ,Business Enhanced Membership. This includes; Simulated Phishing Exercise, Security Awareness Training, Cyber Security Policy Templates and 12 months of support from our team.