There Are Still Many Victims Of Phishing Attacks, Here Are Recommendations From Experts To Prevent Company Data Leaks
JAKARTA - Phishing is rampant in today's digital era. Not only ordinary people, even employees of cybersecurity companies are also often fooled by phishing emails.
This is evident from the phishing simulation data from Kaspersky Security Awareness Platform showing that employees are less likely to be aware of the latent dangers of email with subjects related to company issues and notification of email delivery issues. As many as 1 in 5 employees (16-18%) still click on email templates that mimic phishing attacks.
“The methods that cybercriminals use are constantly changing, apart from using common cybercrime scenarios, simulations must also imitate the latest social engineering trends,” said Elena Molchanova, Head of Security Awareness Business Development, Kaspersky.
To prevent data leaks, as well as other financial and corporate reputational losses from phishing attacks, Kaspersky recommends the following:
Alert employees to signs of phishing emails. Dramatic subjects, typos or typos, inconsistent return addresses, and suspicious links. If the email received is questionable, check the format of the attachment before opening it and check the accuracy of the link before clicking it. This can be done by placing the cursor in the attachment section, making sure the return address is clear and genuine, and the attached file is not in executable format (.exe). Always report any phishing attacks. If you become aware of a phishing attack, notify IT security and, if possible, do not open the email. This can help the company's cybersecurity team update anti-spam policies and prevent attacks from occurring. Provide basic cybersecurity knowledge to employees. Education is geared towards changing employee behavior and teaching them how to deal with attacks. Since phishing attacks can be confusing, and there are no guarantees avoiding all accidental clicks, protect your work device with reliable security. Choose a solution that has anti-spam capabilities, tracks suspicious behavior, and backs up files in case a ransomware attack occurs.