Please see our Work from Home guide for you to share with your teams. We hope you find this useful.
Phishing scams hook thousands of small businesses in America every year. Their haul…? On average…? $54,000. For a large, well-established company, that figure might seem like ‘the cost of doing business’ online… but, for the thousands of small and mid-sized business owners operating across the country, that kind of loss can flounder – or sink – their company. And, for every cyber-attack, the ripples hurt more than their bottom line. They rob your employees – and your customers – of their peace of mind.
Phishing scams aren’t just for seniors
When you think about cyber-crime, the first image that pops in your head might be a naïve grandparent accidentally clicking on a link from an email on the account their granddaughter set up for them.
But competent, dedicated, and qualified employees fall victim to phishing scams with alarming regularity. Not because they’re naïve, but because they’re swamped and struggling to get through their inbox.
And 1 in every 99 emails is a phishing scam.
So when your employees see words like this…
- Complaint filed
- Grievance filed
- Open enrollment
…their instinct is to click on the link quickly and deal with the issue so they can get back to the business of building your business.
Phishing scams rely on your employees staying current
We’ve all heard the saying, “When you make something idiot-proof the world just makes better idiots.”
Successful cyber-criminals are far from idiots, though.
Aside from being persistent and tech-savvy, they’re paying attention to current events…and recent trends indicate they’re counting on their victims staying current, too.
The newest trend in cyber-crime hinges on mining the headlines. Phishing scams are designed to tap into current events – coronavirus, the election – and provoke a reaction to engage their victim’s natural curiosity about the issue.
So, while an “URGENT XYZ” or “IRS ALERT” subject line might not make it past their naturally cynical filter, emails that address COVID benefits or election fraud might slip through…
Your employees are trying to stay abreast of current events – and who can blame them?
But, with most of your workforce operating from home, the lines between work and personal browsers are blurred. So their reflex to follow the link – rather than following the source – results in a greater liability to your company.
Phishing scams have five prongs
Unlike Poseiden’s trident, phishing scams, according to Microsoft, are five-pronged:
- An urgent call to action or threats.
Even the most critical tech specialist can fall prey to a threat to their personal security. After all, they’re human…if they receive a message saying they – or their family – are vulnerable to even a minor threat like credit card fraud, their instincts will lead them to click on the link and solve the issue.
- Poor spelling and grammar.
This can be a blindspot. But it’s one of the biggest signals that something isn’t right…scammers often don’t have a grasp of spelling or grammar norms.
- Suspect links.
Does the link match the wording of the email? If it’s a phishing scam, odds are good that the link bears little resemblance to the actual IP address. Hovering over the address will show you where the link is really leading.
- Mismatched email and web domain.
A common phishing scam tactic is to camouflage their web domain. The web address and email address won’t match. Your employees have to take a moment to compare them.
- Altered web addresses.
The links contained in phishing scams will contain subtle spelling variations. For example, microsoft.com will appear as mircosoft.com. It’s an easy detail to miss if you’re trying to get your inbox down to 50 unread messages.
You might assume that your remote workforce is paying attention to these red flags. But it’s more likely that your team members are juggling the challenges of working from home – with or without kids underfoot. Their attention is divided. And gaps in their tech knowledge are greater.
When they don’t have someone from IT down the hall to question, innocent mistakes can be made.
Phishing scam costs are three-pronged.
The costs aren’t hard to measure. If your company falls victim to a breach, you’ll want to follow the steps laid out by the FTC to ensure your internet safety to mitigate…
- The harm to your reputation.
- The inconvenience of issuing refunds for fraudulent purchases.
- The efforts to regain the trust of your customers.
For small and mid-sized businesses, this can add up.
As a Microsoft Gold-Level Partner, we can recommend the software you need – and can afford – to safeguard your company from phishing scams and other breaches to your company’s data security.
Contact us and we’ll get the conversation about your online security and productivity started.
Enjoyed this article? Here are three more to help you:
- How Your Remote Workforce Can Thrive With the Right Tools
- The evolving role of the CISO
- Powering productivity with technology during a crisis
Contact me at email@example.com or call 425 708 8841 if you have any questions or comments on this blog.
Limited time offer: Let Amaxra manage your Office 365 licensing and we will configure security such as multi-factor authentication at no additional cost. Email firstname.lastname@example.org or chat with us on this website to find out more.