Articles

Could Your Employees Identify and Stop a Phishing Attempt? by Brandon Bowers


Posted on July 25, 2024 by Brandon Bowers

Businesses and their employees are constantly bombarded by a rising threat of email and text scams that have resulted in millions of dollars in security breaches, lost data, stolen money, interruption to normal business operations and longer-term reputational damage. While businesses should bolster their defenses with a range of cybersecurity hardware and software solutions, they cannot afford to ignore their employees’ role in protecting the organization on a day-to-day basis.

According to Verizon’s 2024 Data Breach Investigations Report (DBIR), 73 percent of all cybersecurity incidences in 2023 resulted from phishing and pretexting attacks, in which victims receive messages that appear to come from someone they know. However, criminals manipulate that level of trust and rely on other social engineering methods to dupe victims into sharing their credentials, downloading malware or ransomware that holds the organization’s data hostage. According to the report, more than two-thirds of breaches involved a human element, and it took an average of just 60 seconds for victims to fall for the scam and share credentials or click on a malicious link. This tells us that businesses must commit to better training their employees on recognizing the signs of phishing attempts and take precautions before acting on something that could cause irreparable damage to themselves and their employers.

Following are some tell-tale signs that an email or text message may be a phishing attempt, which your employees should flag and report to your IT or cybersecurity team.

Additionally, remind your employees to slow down when reacting to requests they receive via email and text. Scammers commonly use scare tactics and create lookalike URLs and fake email addresses to trick their victims into taking their bait.

Navigating the evolving and high-stakes world of cyber threats can be challenging. However, with proper education and mandatory training for all your employees, you can reduce the risks of your organization falling victim to these damaging attacks.

About the Author: Brandon Bowers is director of Managed Cyber Security Solutions with Berkowitz Pollack Brant Advisors + CPAs, where he provides businesses, professional services firms and family offices with business continuity and recovery, cybersecurity and fully outsourced help desk services. He can be reached at the CPA firm’s Ft. Lauderdale, Fla., office at (954) 712-7000 or info@bpbcpa.com.