The Scary Truth: Phishing Cyberattacks
Experts say the fall season is a temporal landmark or a moment that evokes a flood of positive core memories for most of us. However, despite their fondness for hot apple cider and carving jack-o-lanterns, most risk managers and information technology professionals likely associate the month of October with Cybersecurity Awareness. And we can’t blame them. October is, after all, Cyber Security Awareness month, and the unfortunate circumstances that can arise due to poor cybersecurity practices can be much more frightening than any Halloween scare.
According to IBM’s Cost of Data Breach Report, phishing is the costliest type of cyberattack in 2022, costing $4.91M. And human error is (still) consistently the leading cause of cybersecurity breaches, accounting for 95% of all data breaches. Organizations have battled human error since welcoming technology into the workplace. Whether employees ignore security software updates or fall victim to phishing emails, breaches can evolve from countless avenues due to fundamental human error.
Over 90% of data breaches and hacks result from phishing scams that appear most frequently through emails, where criminals pose as legitimate institutions to obtain personal information. Successful phishing cyberattacks are costly and can cause substantial interruptions to your operations.
If you’re unsure you’ve identified a potential email phishing scam, remember to always err on the side of caution and report it immediately. If you suspect an email phishing scam, here’s what to look for:
- Poor grammar and spelling
- Blurry and pixelized logos/graphics
- Requests that violate established rules
- Requests that are deemed urgent, lack context and are outside of normal business operations
- The “From” email address does not match the sender’s actual name or email address
- Suspicious embedded URLs (hover over the link without clicking to see the actual URL address)
- Suspicious attachments with odd, unrecognizable file names
Identifying common phishing scam tactics is the first step to mitigating cybercrime. Raising awareness about all types of phishing scams through training and education is the most effective defense.
CIRMA Risk Management offers a Cyber Webinar Series through its exclusive CIRMA member Vector Solutions platform. This robust training and education tool features cybersecurity-related online training courses and webinars proven to educate employees and reduce costly and disruptive cybercrimes, including phishing attacks.
Learning how to be cyber-smart has never been more convenient. CIRMA’s online courses and webinars allow employees to learn at their own pace, 24 hours a day, seven days a week.
If you haven’t taken advantage of the many benefits available through CIRMA’s exclusive online training and education platform, contact your local CIRMA Risk Management representative to get started today. There is no additional charge to CIRMA members for this service.
Visit CIRMA’s Cyber Center for more information on preventing and managing cyber exposures.
Cyber Resources Created for CIRMA Members:
Don’t Miss Out: Cyber Assessments for CT Municipalities
New cyber assessment resources are available to help your public entity address evolving cybersecurity threats head-on.
Still Using Weak Passwords? Do This Instead.
Despite being widely known as the first line of defense in avoiding cyber-related incidents, passwords have long been firmly established as the weakest link in…
The Scary Truth: Phishing Cyberattacks
Over 90% of data breaches and hacks result from phishing scams that appear most frequently through emails, where criminals pose as legitimate institutions to obtain…
Whitepaper: Create a Home Work Environment that Works for You
Creating a home workspace does not require extraordinary upgrades to your home or even purchasing fancy office equipment. Setting up a workspace with basic…
Social Engineering: How to Protect Your Municipality
Social engineering cyberattacks are becoming increasingly prevalent, costing municipalities millions annually. According to IBM’s latest Data Breach Report, social engineering attacks cost an average…
Wellness at Work
The adoption of workplace social and emotional health programs skyrocketed over the past two years due to heightened visibility during the pandemic when remote…
Preventing Tick-borne Disease Exposure
In Connecticut, occupational exposure to tick-borne diseases is a recognized hazard. Outdoor workers must protect themselves in the spring, summer, and fall when ticks…
Preventing Sprains & Strains
Sprain and strain injuries are the most common and costly workplace injuries. Employees can injure their knee, shoulder, wrist, or back while performing everyday…
Bee and wasp stings are a common summer nuisance that can turn deadly if the victim develops a severe allergic reaction (anaphylaxis). Public Health…