Rhodes warns businesses to “act fast”
Given the cyber attack on the NHS recently, Matt Rhodes, commercial services manager of Quiss Technology, has penned an article on what individuals should look out for and how to safeguard against attacks.
Wednesday, 22 Nov 2017 09:11 GMT
Matt Rhodes of Quiss Technology says businesses should act fast before they are the next target of a cyber attack
He says: “Every new employee should be given security training as part of their induction process with a focus on phishing—what it is, what to look out for, how to handle suspect emails, etc. Refresher sessions with regular updates on changes in attack methods and defence techniques should also be offered. But, even with such measures in place, it is impossible for any business to predict how an employee will react to a real attack until it happens.
“Criminals launch increasingly sophisticated attacks, knowing they only have to be successful once in order to access sensitive information which they can steal or use to hold organisations to ransom.”
Rhodes warns people to be on guard, saying: “As criminals become more skilled in their approach, they use personally addressed emails from familiar looking contacts. Through social engineering, criminals are able to craft emails which appear to come from someone known to the recipient. Usually, information they need is easily available on social media channels and even on a target organisation’s website.
“Generally, phishing emails prompt readers to respond to an action, like confirm details or orders which requires a link to be clicked on or an attachment to be opened. Links typically direct the recipient to a convincing yet fake website and when they arrive on the site, they will be duped into entering log-in information, account passwords etc.”
Anyone who responds inappropriately will receive an email telling them they have been caught by a phishing attack and will remind them to be more vigilant in future”
Rhodes explains that Quiss can help combat the risks of modern phishing attacks by conducting similar attacks on employees. He adds: “Replicating real methods, they create credible emails which appear to come from familiar contacts and target employees at different times. Recipients will be unaware they are being tested and will receive expertly crafted emails which use unique emails containing links or toxic attachments, similar to real techniques used by criminals.
“Anyone who responds inappropriately will receive an email telling them they have been caught by a phishing attack and will remind them to be more vigilant in future. The service is designed to engage everyone in the security process and help identify areas for improvement so organisations can better concentrate training on the people that most need support.”
Rhodes says businesses need to act fast: “Cyber criminals are skilled in pinpointing vulnerabilities and their attack methods will inevitably become more sophisticated. It’s only a matter of time before your business becomes their next target so act fast—try phishing employees, or someone else might beat you to it.”
If you have an interesting story or a view on this news, then please e-mail
news@signlink.co.uk
Follow Jo on:
