2024 Gartner® Market Guide for Managed Detection and Response
2024 Gartner® Market Guide for Managed Detection and Response Get the Report
Training To Prevent Phishing Attacks
Pondurance
October 4, 2024
Threat actors are constantly attempting to infiltrate the networks and systems of companies in all industries. In past years, most cyberattacks started when a threat actor exploited a vulnerability on a company’s network. But today, the Cybersecurity and Infrastructure Security Agency (CISA) reports that more than 90% of all successful cyberattacks start with a phishing email.
A phishing attack begins when an email user receives an email from someone claiming to be a known, trusted source and is deceived into providing credentials or sensitive personal information, such as passwords or bank account numbers. This year, the Pondurance team has seen a substantial increase in phishing emails with a financial lure, especially involving tax rebates and refunds. Also, malware delivered via phishing emails — attacks that are initiated through email links and attachments that lead to a malicious website — is on the rise.
Such phishing emails can be convincing, especially with the increased use of artificial intelligence (AI). In past years, an email user could often identify a phishing email by its awkward language and poor grammar. But AI services, such as ChatGPT, are now using more convincing language and proper grammar in the email text, making phishing emails harder to detect. That’s just one reason why annual phishing awareness training for employees is more important than ever. Phishing awareness training can help employees identify phishing and learn how to report suspicious activity.
Identify phishing
Every day, employees receive dozens or even hundreds of emails and spend only a brief time determining whether to respond, save, or discard each of those emails. If one of them is a phishing email, it’s a quick hit. Once a phishing email is open, the median time to click on a malicious link is 21 seconds and only another 28 seconds for the user to enter any requested data, according to the Verizon 2024 Data Breach Investigations Report. That means that the median time for a user to be deceived by a phishing email is less than a minute. With such a short trigger time, it’s necessary that employees are properly trained to know how to identify phishing.
To stay safe, Pondurance recommends that email users watch out for the following telltale signs of phishing:
An email address that’s not quite right. For example, IRS@gmail.com or getyourrefund@hotmail.com would not be emails from the IRS. Also, threat actors use slight differences in spelling to trick you, so carefully examine the email address.
An unfamiliar email address from a familiar sender. If you don’t recognize the email address, you should not respond without first checking it out.
Urgent language. If an email sender tells you to act quickly or offers an emotional appeal for action, think twice before responding.
Shortened URLs. Do your due diligence to make sure that a shortened URL is one used by the company or sender.
Links in email copy. Always hover over the link first to make sure it is taking you to a legitimate site. Also, never click on the “unsubscribe” link of a suspicious email.
Suspicious attachments. Never open an attachment from an unknown sender and be cautious about any email attachment sent to you.
Unusual tone or language from a familiar sender. AI has helped threat actors with the text of their emails, but you may still see some bad grammar and typos in phishing emails. If so, proceed with caution.
Any request for login credentials, money, personal information, or financial information. You should never provide this information because legitimate organizations typically will not ask for it via email.
Report phishing
If you suspect phishing, it’s important to report it to safeguard your company from possible exploitation by a threat actor. Your company should have cybersecurity protocols in place for how to report a suspicious email, and employees should follow those protocols. If there is no specific plan in place, you should report the email as phishing using the “report” button in the toolbar or settings. Then, delete the email.
There are also numerous ways for a company to report the suspicious email to an agency that can conduct an investigation into the phishing attack. You can contact CISA, the Federal Trade Commission, the Anti-Phishing Working Group, or the FBI’s Internet Crime Complaint Center to take further action with authorities.
Conclusion
With more than 90% of cyberattacks starting with a phishing email, staying vigilant against phishing attacks should be a priority for every company. Implementing annual phishing awareness training can teach employees how to identify and report phishing to prevent a malicious attack. Learn more about how to combat phishing at your company. How To Prevent Phishing in O365 Checklist.