The challenges, threats, and risks of business cybersecurity breaches are vast, and phishing is the biggest menace of all.
Phishing is an attempt to acquire sensitive data and information from your business, typically in an email or on a website. It can be so sophisticated that even those who are in the know can be fooled. The ramifications are extensive. According to IBM, the average cost of a phishing data breach is $4.91 million.
Establishing and maintaining good email practices is one of the best ways to prevent a cyberattack. Our friends at centrexIT developed some useful tips about combating email phishing, and PBO Advisory Group is happy to share them with you.
Use the 3 Question Rule
Before clicking ANY link or attachment in an email, ask yourself:
- Do I know the sender?
- Was I expecting this?
- Why do they want me to click?
If the answer to any of these is NO or YOU AREN’T SURE, don’t click.
Verify Before You Trust
Receive a phishy email? Don’t engage! Instead, call the person directly to make sure it’s legit. Verification is key.
Know the Red Flags
Phishing emails often contain giveaways: poor grammar, urgent language, or too-good-to-be-true offers. When in doubt, delete!
The Golden Rule of Email
Treat EVERY email as if it’s a phishing attempt. Always.
We encourage you to share this information throughout your organization, even if you have a phishing (and cybersecurity) training program in place. Reminders about good anti-phishing practices go a long way in helping your organization stay attack-free. If you don’t have a cybersecurity and phishing training program, we can work with the folks at centrexIT to help you establish a curriculum geared toward the specific needs and vulnerabilities of your organization.
For more information, please contact Michael LaMoureaux.