Block the Bait: Cyber Phishing Attacks

Odds are, if you’re a risk manager or information technology professional, you likely associate October with Cybersecurity awareness. And we can’t blame you. October is, after all, Cyber Security Awareness Month, and the unfortunate circumstances that can arise due to poor cybersecurity practices can be much more frightening than any Halloween scare. That’s why, this week, we’re drawing attention to the prevalence of human error in phishing attacks and the value of employee education and training.

IBM’s 2023 Cost of Data Breach Report identifies phishing as the most prevalent and costliest attack vector, responsible for an average cost of $4.9 million per data breach.

Human error (still) remains the leading cause of cybersecurity breaches, as employees continue to fall victim to phishing attacks. Verizon’s Data Breach Investigation report states that phishing makes up 44% of social engineering incidents. Organizations have battled human error since welcoming technology into the workplace. Whether employees ignore security software updates or fall victim to phishing emails, breaches can evolve from countless avenues due to fundamental human error. 

Over 90% of data breaches and hacks result from phishing scams that appear most frequently through emails, where criminals pose as legitimate institutions to obtain personal information. Successful phishing cyberattacks are costly and can cause substantial interruptions to your operations.

If you’re unsure whether you’ve identified a potential email phishing scam, remember to always err on the side of caution and report it immediately.

If you suspect an email phishing scam, here’s what to look for:

  • Poor grammar and spelling
  • Blurry and pixelized logos/graphics
  • Requests that violate established rules
  • Requests that are deemed urgent, lack context, and are outside of normal business operations
  • The “From” email address does not match the sender’s actual name or email address
  • Suspicious embedded URLs (hover over the link without clicking to see the actual URL address)
  • Suspicious attachments with odd, unrecognizable file names 

Educating employees to identify common phishing scam tactics is the first step to mitigating cybercrime. The most effective defense is raising awareness about all types of phishing scams through training and education. Has your municipality or school board taken advantage of the many benefits available through CIRMA’s exclusive online training and education platform? Contact your local CIRMA Risk Management representative to get started today.

Learning how to be cyber-smart has never been more convenient. CIRMA’s online courses and webinars allow employees to learn at their own pace, 24 hours a day, seven days a week. CIRMA offers a Cyber Webinar Series through its exclusive CIRMA member Vector Solutions platform. This robust training and education tool features cybersecurity-related online training courses and webinars proven to educate employees and reduce costly and disruptive cybercrimes, including phishing attacks.  

If you haven’t taken advantage of the many benefits available through CIRMA’s exclusive online training and education platform, contact your local CIRMA Risk Management representative to get started today. There is no additional charge to CIRMA members for this service. 

Back to Blog Next Article
weak password help

Still Using Weak Passwords? Do This Instead.

Passwords have long been firmly established as the weakest link in an organization’s cybersecurity. Here's what you can do to avoid this significant yet…

View Posts

Block the Bait: Cyber Phishing Attacks

Human error (still) remains the leading cause of cybersecurity breaches, as employees continue to fall victim to phishing attacks. Verizon’s Data Breach Investigation report…

View Posts
beat cyber social engineering attacks

Social Engineering: The Art of Human Manipulation

Social engineering cyberattacks are becoming increasingly prevalent, costing municipalities millions annually. Here's what you can you do to be cyber smart.

View Posts

Social and Emotional Awareness

Failure to cultivate a workplace culture that advocates for mental health can subject employers to legal risks, including claims of workplace violence or failure…

View Posts

Work Zone Safety Works

It's everyone's collective responsibility to ensure safety in work zones. Road workers rely on their communities to keep them safe at work. CIRMA provides…

View Posts
wellness at work

Wellness at Work

The adoption of workplace social and emotional health programs skyrocketed over the past two years due to heightened visibility during the pandemic when remote…

View Posts
home work environment tips and best practices

Whitepaper: Create a Home Work Environment that Works for You

Creating a home workspace does not require extraordinary upgrades to your home or even purchasing fancy office equipment. Setting up a workspace with basic…

View Posts

Personal Protective Equipment for Public Entity Employees

Proper use of personal Protective Equipment (PPE) is crucial for accident prevention in the municipal workplace. PPE can safeguard employees from potential risks, ensure their well-being,…

View Posts
wrist injury sprain strain workers comp

Preventing Sprains & Strains

Sprain and strain injuries are the most common and costly workplace injuries. Employees can injure their knee, shoulder, wrist, or back while performing everyday…

View Posts