Experts at the tech training firm INE warn it is paramount for business leaders to develop a cyber awareness culture within their companies, and boost security awareness among employees. “Above all, organizations must build a resilient cybersecurity posture by increasing security awareness among employees and strengthening the first line of defense,” says INE’s CEO Richard McLain. During the holiday season, there is a hike in the number of spam emails sent, and security awareness about some of the most common types of phishing emails can play a significant role in protecting critical information.
Top 10 Holiday Phishing Attacks
- Real Estate or Wire Transfer Scam: This phishing email resembles those from real estate agents or regarding a property’s closing date. Such emails contain information to transfer funds.
- Social Media Account Lockout: Alert emails may come from an unknown source alerting malicious activities on Facebook or Instagram and direct users to slick on a “More Information” link embedded within the email.
- Order or Delivery Confirmation: Even though the user may not have ordered anything, such emails contain fake order details and include a link to check the order’s status.
- Job Search or Recruitments: Such emails will have attachments or links to view job descriptions or resume formats and impersonate high authority professionals to look authentic.
- Financial Account Notifications: These emails pretend to be from banks or investment establishments and request users to log in to view monthly statements or perform some action using the link.
- Refunds or Prize Notifications: Usually in the form of notification for prize winners, some emails request user details for claiming their rewards.
- Donation Requests: Such phishing emails request funds to help the poor during festivities or to victims of natural calamities and are linked with the spammer’s bank account as the beneficiary.
- Legal Scares: These emails will force the users to pay immediately to avoid legal actions. However, the activities mentioned in the email will most likely be unknown to the users.
- Top Authority or Executive Committee Staff: The email contains a spoofed email address and impersonates authorized entities in an employee’s organization. It requests information regarding the organization.
- Trusted Party Scams: The sender acts as the victim’s acquaintance and requests them to open a malicious attachment or clicking on an infected URL in the email, which might be linked to a malicious website
The effects of phishing attacks can be devastating, and include loss of reputation, loss of intellectual property, regulatory fines and additional business costs. As the holiday season gets underway, attacks will be rampant. We would like to connect you with the Cyber Security experts at INE, to help your audience learn what to be aware of this season, and how to protect themselves. For more information and to see the entire blog post, visit www.ine.com.
SOURCE INE, LLC