Phishing attacks and more illegal campaigns cyberspace continues to grow especially in the last year. Although most organizations have experienced growth, less than half of the companies provide the appropriate education for electronic threats.
According to a report by "The State of Email Security 2020»By the cybersecurity company«Mimecast60% of organizations believe that it is inevitable that they will fall victims phishing attack over the next year.
This may require either simple phishing, where an employee can be fooled and open a malicious attachment, or BEC attacks, where The intruders are falsifying executives or members of the company in order to extract large sums of money through unfair financial transactions.
Mimecast's investigation says the forgery increased by almost a third during its first 100 days. pandemic of COVID-19:, since The hackers they wanted to take full advantage of so many people who were suddenly working away.
It makes sense that in an office it would be relatively simpler to check if a partner has sent you a request for a corporate bank transaction. By working from home, you do not have the opportunity to go to your colleague's office and ask him, so these basic checks became more complicated. This means that employees were more sensitive to attacks phishing and counterfeiting in order to confirm money transfers or share sensitive data.
«In the past, people have been able to control with other means something they are not sure about, such as face-to-face conversation in the office. T.time they prefer to communicate via email, and do not realize that they need to verify information with their colleagues,"He said Kiri Addison, head of data science for threat information and monitoring of Mimecast.
This communication failure, combined with the fact that people work outside the company's network, and often with their own laptops, which may not be equipped with the necessary protection tools, has caused hackers to spread.
Despite the well-known escalation of phishing attacks and other email attacks, pmore than half of businesses, 55%, do not provide any kind of training to avoid such mistakes. This certainly leaves employees and companies exposed, and the necessary measures must be taken immediately.
«Training on a regular basis on the threats of phishing attacks is essential. By training staff, security officials can ensure that employees identify suspicious activity, perceive the risk of malicious activity, and manage corporate devices more responsibly.Addison added.