Phishing Scams Spread During the Pandemic

Research indicates a significant increase in phishing attacks since the pandemic began, placing a strain on IT Security Teams. According to a recent report* performed by Cybersecurity Insiders, not only has the frequency of attacks increased to an average of 1,185 attacks every month, but 38% of respondents say employees have fallen victim to an attack within the last year.

So, what exactly is a phishing attack? Phishing scams are one of the most common attacks you or your staff will come across. They are hugely profitable to 'bad actors' and thousands fall victim each year. Different techniques are used in these scams and can range from legitimate looking links, fake social media accounts, CEO fraud, or vishing–mimic a known entity phone number.

While time and money budgeted toward cybersecurity has proven more important than ever, educating your employees and customers can be instrumental in stopping online opportunists.

Here are 10 simple steps to prevent phishing attacks:

1. Know What a Phishing Scam Looks like

While new attacks continue to develop, phishing scams share commonalities. Check out the top 6 common phishing attacks here , to identify key indicators.

1. Don't click the link

Rule of thumb is to never click on a link in an email–even if you know the sender. Sophisticated scams can direct you to a legit looking website where 'bad actors' are waiting to steal your information. Instead, hover over the link to see if the destination is correct or better yet, go straight to the site through your search engine.

1. Do the updates

The pesty update reminder can be tempting to snooze or put off all together. But there's an important reason for them Each new update provides the newest security patches to keep ahead of cyber-attackers. Not updating your browser could make you vulnerable.

1. Thank you, next (password)

Rotate your passwords regularly to prevent attackers from gaining unlimited access. Can't remember them all? Try a password manager like Last Pass

1. Check for security indicators

If the url of a website doesn't begin with “https” or you don't see a padlock icon, back away quickly. Both are indicators of security certificates and not having them makes your sensitive information up for grabs.

1. Download Add-Ons

Browsers like Google Chrome and Firefox enable you to download anti-phishing add-ons to alert you of prominent phishing sites or potentially malicious ones. These add-ons are free so download and install on every device at your organization.

1. Close the button

Other than being simply irritating, pop-ups are often linked to malware. download and install free ad-blockers to automatically block most of pop-ups. If a pop-up evades the blocker, make sure to always look for an 'x' in one of the corners to close it out.

1. 100% trust is key

If you're going to give out important information, make sure you 100% trust the site. Verify the site is genuine, secure and that the company is real.

1. Firewall up

Firewalls act as a shield between you and your attacker. Installing one on your computer and network can beef up security and reduce system infiltration.

1. Data Security Platform

Consider having a data security platform in place which can automatically alert you to unwanted file changes or anomalous users. Consider checking out Bitdefender .

*2020 Phishing Attack Landscape Report by Cybersecurity Insiders