Last year, 94% of South African businesses were the target of email phishing attempts. These attacks are becoming increasingly sophisticated, with cybercriminals using carefully researched demographic data to create more realistic and accurate scams.
To help you protect yourself and your business, web hosting provider xneelo shares some invaluable advice for staying alert, from how to identify a phishing attempt to what you need to do if you or an employee has been exposed.
What is phishing?
Phishing is a form of cyberattack that acts like a wolf in sheep’s clothing. Victims are sent a communication from what they think is a trusted source, like an email from their bank, that is actually a clever fake, designed to steal sensitive information such as passwords, credit card numbers, pin codes or other personal information. This data can be used for a number of malicious purposes including identity theft, fraud, ransom, unauthorised financial transactions, sale on the dark web, and even espionage.
Types of phishing attacks include:
- Email phishing: an email posing as a legitimate entity
- Spear phishing: a customised, researched attack that targets specific groups of individuals or businesses
- Whaling: targeting executives within an organisation
- SMS phishing (smishing): scam attempt sent via a text message
- Voice phishing (vishing): voice calls or recorded messages
- Website phishing: a fake website that looks just like a legitimate one
How to identify a phishing email
A phishing email will look like it is from a trusted source, and contain an instruction for you to provide certain sensitive information or click on a link or attachment. Caution and vigilance are key to prevent falling victim to a phishing attack. Always be wary of emails or messages that ask for personal information or urgent requests.
Characteristics of a potential phishing email include, but are not limited to:
- Spelling mistakes or bad grammar
- An unfamiliar or strange email address or sender
- A strange url
- A sense of urgency
- Blank or vague emails with attachments
How to protect your business against phishing attacks
As a business owner, you don’t have eyes on every single email that passes through your server, but there are steps you can take to prevent anyone in your business from being caught in a phishing net.
- Educate your team on how to identify a phishing email
- Implement multi-factor authentication for all accounts and systems that store sensitive information
- Put email spam filters in place to stop phishing emails before they enter your inbox
- Speak to your hosting provider about what security measures are already in place – xneelo offers spam filtering on all email addresses associated with your web hosting account, for example.
- Implement a Zero Trust policy that requires verification and authentication for all devices and networks to reduce the risk of external and internal threats.
What to do if you have been affected by phishing
If you or a member of your team have fallen victim to a phishing attack, here are some immediate steps you should take:
- Change any passwords that were affected.
- Report the attack to the legitimate business the email pretended to be from and ask them to take action on their side.
- If credit card details were compromised, cancel the cards immediately and call your bank’s fraud support line.
- Immediately enable two-factor authentication as an extra layer of security.
- Contact the authorities. Cybercrime.org.za is South Africa’s national fraud and internet crime reporting centre.
- Review your credit card and bank account statements to check for suspicious or unauthorised charges.
By taking these steps, you can help to minimise the damage caused by a phishing attack and protect your personal and financial information.
Always keep an eye out for phishing attempts and do not share your personal information or passwords with anyone. No trustworthy company will request your personal information (login details, passwords, etc.) especially not via email.
Ask questions, verify all banking details, and don’t make any transactions unless you’re absolutely sure what they’re for and who the payment is going to. It’s better to be safe than sorry – and out of pocket.
These guidelines will help you protect your business, and your team, from phishing and other types of cybercrime.
Xneelo is a web hosting company dedicated to helping entrepreneurs create and transact online. Start your web hosting journey at xneelo.co.za.
All rights reserved. © 2022. Bizcommunity.com Provided by SyndiGate Media Inc. (Syndigate.info).