Cyberattacks skyrocket during the holiday season, especially those that use spear phishing to target victims. According to the recent Carbon Black Holiday Threat Report, cyberattacks are on track to increase by nearly 60% this season alone. Don’t be a victim. This report identifies the simple steps everyone can take to help protect themselves and their company.
Most holiday-centered cyberattacks on businesses come from malware, typically delivered via spear phishing campaigns, according to the report. Companies are also the most vulnerable during the holidays, struggling to keep security teams available for holiday hours. However, the best way companies can stay protected is actually nontechnical, and more interpersonal, the report found.
Businesses can best protect themselves by creating a company culture that prioritizes cybersecurity and internet safety. To help companies stay safe from phishing attacks, the report identified the following three ways to spot a spear phishing email:
1. Evaluate the email’s basic hygiene – Often with these emails, you’ll see poor grammar, misspelled words and unorthodox URLs. Also, regardless of who is sending an email, be sure to do a brief check to ensure the sender’s domain and email address are accurate and known to you: check the sender address before opening the e-mail or look at it in a preview panel first.
2. Determine the email’s content and motivation – Any requests for personal or financial information should be viewed with extreme caution, especially in business settings where attackers are keen to use spoofed emails from executives to target lower-level employees. Ensure your employees are familiar with company internal policies with regard to how and what personal information they will ask an employee to provide.
3. Attachments and link landmines – Downloading an attachment from anyone other than a verified, trusted source is perhaps the quickest way to get yourself in trouble when it comes to a phishing email. Attackers are aware of this and, as a result, will often use links inside of attachments to target victims.
Companies can protect against spear phishing emails by check the message’s basic hygiene, determining the email’s motivation, and taking caution with opening attachments.