The festive period is approaching, a quick trip to any supermarket will verify this with shelves being cleared and new displays appearing with the latest chocolates, selection packs and gifts. The retail industry isn’t alone in its gearing up for the Christmas period, hackers are also getting ready with phishing campaigns leading to fake retail sites, often offering massive discounts on the latest “must have” toys and gifts of 2018.
Statistics gathered from various security products/companies around the globe all correlate and conclude that from October through to the end of January phishing attacks nearly double. After all why shouldn’t the hackers benefit from the January sales madness?
It’s not just home users hit by these attacks which can be both monetary loss or ransomware deployments. Many employees do indeed have homes, but they also have lunchtimes in the office when the restrictions are loosened over a 2 hour period and internet shopping becomes the norm for a few weeks.
Whether they have used their own personal gmail account or business email for registration with various services, if a “special offer” hits their inbox your company could be in trouble.
Your staff need to be trained continually on phishing to avoid one click impacting your company. Gone are the days of the Nigerian prince giving you his inheritance, easily spotted due to the bad grammar (thanks google translate) and obviously fake emails. This is now a professional criminal business deployed to target on a schedule with specific goals in mind.
Skanco’s security team can run simulated phishing attacks against your company. These are tailored to your company, and prepared in the same way a hacker would do. This includes gathering information about the company via the news, social media and your website. It could also be related to local news or partners you deal with.
By making this targeted but with subtle mistakes you can over time ensure your users are looking for the right points within an email before clicking or referring it to your IT department for verification.
To find out about our testing please contact us