In our last blog post, we established that phishing attacks are one of the most common forms of cyber attacks (the 2023 Cyber Security Breaches Survey found that 89% of businesses suffered phishing attacks). This staggering figure highlights the importance of making sure your business is protected, and your people are cyber aware.
In fact, phishing is one of the easiest, and most effective ways for hackers to gain access to your systems, confidential data and even your money.
It is imperative that your staff are trained in how to recognise fraudulent requests. Not only that, your systems and processes must be robust: important requests that are sent electronically, or any type of money transfer should always utilise two-factor authentication of some kind to ensure that your business and your reputation is protected.
In this guidance from the National Cyber Security Centre (NCSC), they outline a few ways in which you can help your staff recognise and obstruct phishing attempts.
Ensure staff are familiar with the normal ways of working for key tasks (such as how payments are made), so they’re better equipped to recognise unusual requests
There are some common warning signs and indicators with phishing attacks (including but not limited to those below):
But phishing attempts are getting more sophisticated and business costs are sky-rocketing, meaning that staff are busier than ever before. This creates the perfect opportunity for hackers.
So what can you do to better protect yourself and your business? In a small business, it can be hard to prioritise your security; there are many other pressing things that require your attention. This doesn’t make you any less of a target though. It is critical that you have security measures in place to protect your data. Some of the basics include:
The North West Cyber Resilience Centre (NWCRC) offers a variety of training which can help you safeguard your business.
Our Simulated Phishing Exercise helps to raise your staff's awareness of phishing emails and makes them more likely to identify and report scams.
Security Awareness Training can be delivered one-to-one, or to larger groups of people and helps to create a culture of cyber resilience in your business and provides staff with the confidence to notice and challenge something that doesn’t look right.
If you understand the importance of improving your cyber hygiene but you’re not sure where to begin, please contact the NWCRC using the details below. We can talk you through our free and paid for services and help you to protect your business.
Click to Open Code Editor