Do you and your workers know about the dangers of spear phishing? If not, you might be setting your company up for an online security breach, giving cyber criminals a chance to break into your business’ network. PCWorld recently covered the very real danger of scammers who use fake social network IDs to deceive employees into surrendering information that enables these criminals to sneak into company networks.
Chilling example
The PCWorld story highlighted a phishing incident that Websense Security Labs uses as an example: In this attack, a cybercriminal made a fake LinkedIn profile of a woman named Jessica Reinsch, who was supposed to be an employee of a real dating Web site. Jessica Reinsch, though, does not exist. And the criminal behind the fake ID used it to acquire important info from a variety of businesses. The fear? That the imposter might have used this information to hack into business’ networks.
Not prepared
The truth is, as the PCWorld story shows, way too many businesses are not geared up for phishing attacks. A survey by ThreatSim found out that almost 60 percent of 300 IT executives, administrators and professionals in U.S. organizations considered phishing to be a minimal threat.
Reality
The PCWorld story should make it clear that phishing is certainly not a minimal threat for businesses. As reported by the same survey, more than one in four respondents reported phishing attacks that led to a material breach within the past year. The message here? Be cautious about those people your staff members meet on social networks. One never knows which ones may not be legitimate.