Phishing: attacks and prevention
Phishing is the fraudulent use of electronic communications to try to obtain sensitive information, such as usernames, passwords and credit card details, by posing as a legitimate institution. Phishing attacks attempt to get individuals to click on a malicious link and enter confidential information, either to steal their identity or funds or as the first step in a serious cyberattack against an organisation.
In 2019, 76% of businesses in the UK were affected by phishing, which doesn't come as a surprise when a staggering 97% of people were reportedly unable to identify a sophisticated phishing email (Comtact, Phishing Statistics 2019 - The Shocking Truth). To help lower these figures in 2020, organisations can make login attempts more secure by using two-factor authentication. With two-factor authentication, individuals enter their username and password combination and then submit another piece of information, such as a PIN sent to their mobile phone, to prevent login credentials from being compromised.
However, the main form of phishing prevention comes down to educating individuals on how to recognise suspicious emails, links and attachments so that they don't open them. Our Head of Cyber Consultancy, Mark Belgrove, discusses how Exponential-e can help educate organisations on phishing prevention in the video below.