Phishing is usually an entry point to a cyber attack, and must be prevented as it can lead to much worse cyber incidents. 84% of businesses have received phishing emails, social media posts or text messages in the past year, found the latest cyber security research by the Government. 

Put simply, phishing attempts are messages that are sent to your businesses from hackers, that are created to imitate real business communications. This is a type of social engineering as they are essentially trying to trick you into handing over sensitive information, or to click on a link. 

You can often spot them due to bad grammar, incorrect email sender addresses, unusual language, as well as some urgency why you ‘must’ click the link. The hackers are hoping that you, or your employees, are busy and won’t notice that the email or message is fraudulent. 

What do hackers get from phishing? 

Fraudsters are after a number of things from a phishing attack: 

• Installing malware on your computer which will allow them access 

• Access to sensitive or important data, such as ID or payment details 

• Taking over your social media accounts and posting phishing links to further hacks

A successful phishing attack could lead to financial loss fraud, through subsequent ransomware attacks and data breaches. 

Loss of trust and reputation

Overall, any type of cyber breach where your customer or suppliers details or accounts have been compromised can lead to a huge lack of trust.

It could also mean you can’t fulfil customer’s orders or any ongoing service, due to loss of control of your own data or website. This could have a huge impact on your businesses finances and reputation. At worst, it could see a small business have to close down if they cannot recover from the cyber attack. 

This shows how important it is to ensure you have optimum security around your business IT and accounts, and full training and awareness for any employees. 

AI on the increase

However, with the huge increase in generational AI, like ChatGPT, this makes it a lot easier for criminals, particularly from other countries, to create genuine-sounding communications. 

It also makes it a lot easier for criminals to target hundreds or thousands more people using AI technology.

DI Dan Giannasi is a seconded police officer who specialises in preventing cybercrime for businesses.

Do we need to train our employees on phishing? 

The NWCRC works with the best cyber students from the region’s universities, who act as cyber security consultants for small businesses. They use their cyber skills to provide affordable services to small to medium businesses while providing high-level professional experience to add to the CVs.

Book in for our Simulated Phishing Exercise