In light of the news that nearly half of the cybersecurity incidents reported to the ICO are phishing attacks, please see a comment from David Emm, principal security researcher at Kaspersky Lab, addressing how enterprises can defend against cyber attacks.
“The fact that phishing scams account for nearly half of the cyber incidents reported to the ICO clearly shows that it remains a tactic favoured by cybercriminals, and highlights that more needs to be done to tackle this within organisations. One particular strategy which cybercriminals are utilising in order to steal money and gain access to corporate data is that of BEC (Business E-mail Compromise) – a form of phishing specifically targeted at business, especially SMBs. With this new method, cybercriminals gain access to a corporate email account and mimic the owner’s identity to trick employees, customers or partners into approving money transfers to illegal accounts.
“There are some tell-tale signs that indicate that something is a phishing message (for example, banks and other organisations never send e-mails asking for confidential data) so if employers receive such an e-mail, they should assume that it’s phishing. Remember, if it looks important, and you’re not sure, you should always call to check. Phishing relies on social engineering, i.e. manipulating human psychology. There are always new ways to try and trick people, and just like road safety, it’s best to adopt a security culture that will keep you safe in any situation – not just some that you’ve practised. For example, it’s best never to click on links in e-mails; if you adopt this rule, you never need to rely on being able to distinguish a real from a phishing link.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security