FINANCIALS ARE ALREADY NOT LOOKING PRETTY. A PHISHING HACK COULD DESTROY THEM.
Phishing preys on ordinary human weaknesses to gain access to systems or extort money. Phishing was already very common and successful. Coronavirus shot those numbers up even further.
At RSM Malta, we’ve observed attacks for 8 Amazon gift cards of €75 each, a mere €600. It’s common. It’s effective. It’s rewarding (to the hacker). If successful, they’ll hit again and again, until the ploy is discovered.
Fake coronavirus alerts are all the rage, but phishing can use any topic to deceive users. Protecting against phishing attacks is a group effort. It requires a human firewall. The more employees educate themselves on how to spot and report phishing attempts, the safer your finances will be.
For a standard price of €490, we can run a phishing simulation experience for your company (up to 50 users). Our report will identify areas for improvement and recommend practical action points that are cost-effective for the local market, including user education.
- Phishing preys on human weaknesses
- #1 top threat in breaches in 2020
- #2 top threat in incidents in 2020
- Phishing emails a daily occurrence even locally
- Several Maltese companies suffering damages
- €600,000 stolen in a single attack on a Maltese company
- €13 million heist at BoV started off with a simple phishing email
- More worryingly, attacks for €600 Amazon gift cards experienced
Background
- Phishing preys on human weaknesses
- #1 top threat in breaches in 2020
- #2 top threat in incidents in 2020
- Phishing emails a daily occurrence even locally
- Several Maltese companies suffering damages
- €600,000 stolen in a single attack on a Maltese company
- €13 million heist at BoV started off with a simple phishing email
- More worryingly, attacks for €600 Amazon gift cards experienced
How it happens
- A long day
- Work stress
- An IT request to validate your account
- Credentials are stolen
Phishing is a major threat:
- It’s common. All industries are hit
- It’s effective. 1 in 11 users is successfully tricked
- It’s easy. A cornerstone attack method
- It’s rewarding. Bad actors actually make a living out of this
Phishing awareness:
Recognizing, addressing and avoiding threats
Objective
- How aware are your staff?
- We create a phishing attack
- How well are they are detecting a threat?
- We track and study user actions
Recent Developments - The Corona Twist
- Companies are focusing on safety, readiness and response measures
- People are scared and tense
- The bad guys prey on fear to manipulate people
Two grades of attacks
- Generic, pretending to be the ECDC, Red Cross or other
- Targeted, faking specific members of your company
- By using a familiar name, attacks have a higher success
Save the money, avoid the Hack
Three steps to safeguard against these emerging phishing scams:
1. Get in front of the issue by communicating the risks
Proactively tell your staff how you will distribute critical alerts and information.
2. Evaluate your remote work security controls
The rush to implement remote working solutions has left many companies at risk. Indeed, we identified missing controls in all of the companies we worked with.
Know your staff
3. Test and educate your users
Protecting against phishing attacks is a group effort. The more employees educate themselves on how to spot and report phishing attempts, the safer everyone will be.
For a standard price of €490, we will run a phishing simulation experience for your company (up to 50 users). Our report will identify areas for improvement and recommend practical action points