“Why would Joe from Accounting send me a document asking me to enter our company financial information? Oh well…if he’s asking he must need it.”
“Sandra from HR is asking me for my SIN and my new direct deposit information again. I gave it to her last week in her office. Meh—she’s hard to get hold of. I might as well re-enter it on this site.”
Guess what? These folks just gave away their company and individual information to an unknown source. They got phished.
The site that “Sandra from HR” used looked legitimate. The email that “Joe from Accounting” sent even came from his email address. But they ended up giving away sensitive information and put a series of events in motion that could have devastating impacts. This happens every day to people around the world. Yes, even here in Winnipeg.
Organizations of all sizes have valuable information whether they realize it or not. Banking, corporate and individual identities, and intellectual property are all hot commodities for criminal organizations. Information like this is usually obtained by tricking users into giving it away, not by some dude in a hoodie hacking your network (although that happens too, for sure). It is generally WAY easier to get people to give it voluntarily.
“End-user awareness and training reduces security-related risks by 45% to 70%.” – Reuters.com
95% of all security incidents are due to human error. Training your employees to detect and avoid cyber threats is critical to protecting your organization’s data.
October is Cybersecurity Month, so Broadview Academy is offering three sessions to learn how to avoid getting burned by phishing scams and other cybersecurity threats. We can also do sessions specifically for your organization at your location or ours.