Important as emails are to everyday business, most of the messages people receive are considered spam. In some cases, this means the messages are irrelevant or annoying, but in others, it means they’re dangerous. At least 3 billion phishing emails (fraudulent emails meant to steal personal information) are sent every day. Phishing emails come in many varieties. Oftentimes they are the first step of a more sophisticated attack.

Unsuspecting individuals are common targets for cybercrime, but so too are large companies. In recent times, an organized attack halted 20% of JBS’s meat production by locking down digital systems with integrated ransomware. The Kaseya ransomware attack infiltrated up to 1,500 of Kaseya’s customers.

If big businesses can fall victim to phishing, imagine the impact it can have on smaller businesses with fewer resources. Following a phishing attack, over 60% of small businesses close permanently after 6 months. Aside from the money lost directly in a cyberattack, 70% of customers no longer want to shop at a business after it has faced a data breach. The weeks of recovery time and lost customers do more to end a business than the initial attack, compounding the tragedy.

How can companies fight back against phishing? The first step is to establish an employee training program. 85% of scams rely on human error to succeed. While training will not stop all phishing attacks, it will lower the number of employees who click suspicious links. Next, verify all invoices and payments. A majority of attacks involve credential harvesting, leading to invoice fraud. Finally, watch out for discrepancies. Email security programs catch a lot, but humans must also be vigilant.

Courtesy of Avanan