In business, you have an obligation to protect employee, client and company data. If personal information becomes compromised, the individuals affected could hold you liable. One of the most common ways for cybercriminals to access personal data is through the use of phishing scams.
The FTC explains that scammers will likely use email to perform a phishing scam.
What is a phishing scam?
A phishing scam occurs when a hacker tricks someone into opening a malicious attachment or link. The received email may appear to be official and might link the individual to a website where he or she needs to enter log-in information. The website logs the keystrokes and gives the hacker access to the person’s login information.
How can you prepare your workers against phishing scams?
Workers need to know what phishing scams are to prepare them for them. Teach your employees to double-check all email addresses before following a link or attachment. Many scammers use email addresses that look similar to official addresses. Some signs that an official email is fake are that it will have a generic greeting, ask for an update of billing information and may claim the account is on hold.
All employees should have the latest security software on their computers to help identify and deal with any security threats. Secure employee accounts with multi-factor authentication. Even if someone manages to phish for a password, he or she still will not be able to log in without other forms of information or access to other devices.
When you suspect a phishing scam, you can report it to the FTC.