In the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English. But others just had a sniff about them- something that made you suspicious.
But today we see increasingly clever emails designed to fool you.
According to CertNZ (the official NZ Government Cyber Security unit), Q1 2021 saw a slight decrease in phishing, but its getting more expensive. Total reported financial loss was up 7% to $3Million and 46% of the events reported were phishing attacks.
Examples of phishing include :
Everyone is busy. Inboxes overflow, timelines are unforgiving, distractions are plentiful. Because we are short on time we can’t double check everything 100%. Yet we must. Because it’s a matter of if, not when, the best of us will click on one of these links. That’s when all hell will break loose and the world comes to a halt while we dig our way out of the mess.
It’s better to head things off before they happen. There are things you can do. We’ve raised the opportunity to use eLearning to increase awareness. We also know that phishing tests are a crucial piece of the puzzle to raise awareness.
Phishing tests – the email security equivalent of a firedrill
These help overcome apathy and remind your teams that even the most aware person, when they are busy, can make a mistake. Think of it like a firedrill. We send all your colleagues phishing emails. The only difference is that they are benign. However, we record who clicks and who doesn’t, then give you a full report.
It has to be regular (like health and safety). Because vigilance is key, we do this every quarter. So we make it quick and convenient so that people take up the learning and stay on their guard.
KARE for Security complements your existing maintenance contract with an enhanced security package, designed for the modern cloud-anywhere world. It’s a mixture of tools that go beyond traditional IT support to help you harden your ICT against intruders.
What more can you do?
Cert NZ is the NZ Government Cyber Security unit – it’s worth reading their top recommendations – https://www.cert.govt.nz/it-specialists/critical-controls/ – you’ll see that a Kinetics KARE plan helps you minimise your risk