Spear phishing is a cyberattack method that hackers use to steal sensitive information or install malware on the devices of specific victims. Spear-phishing attacks are highly targeted, hugely effective, and difficult to prevent.
So how can you reduce your risks?
At datamills, our “Cyber Division” has been launching free employee phishing simulations for local companies who want to test their readiness to resist cyber attacks.
Over the last year or so, we have worked with a handful of local companies to see how prepared their staff members are.
The phishing simulation involves sending a (fake) phishing email to all staff members to see how they respond to it.
Do they open the email?
Do they click on the link in the email?
Do they go ahead and give away password information when it is requested after following the link?
The results show the business owner how prepared their staff is, and where more training is needed.
Phishing simulation results
So how did businesses in the Sheffield and South Yorkshire area do in these simulations?
About 2 thirds of all staff opened the suspicious emails.
Half of these (i.e. about 1 third of all staff) clicked on the link.
And just under half of those (i.e. about 20% overall) actually gave away sensitive information (like passwords etc).
Why run a phishing simulation?
We commend the local businesses who have chosen to test themselves, and who want to improve their security. It’s not comfortable to see where your own weaknesses are. But it’s the best way of finding out what you can improve on, and of being aware that the risks ARE out there and they are real. It can be awkward to admit that you made a mistake. But it’s crucial to feed back immediately you realise that you may have compromised business passwords etc, so that accounts can be secured as soon as possible.
Running these simulations is a great way to raise awareness of cyber security with your staff. It’s a great way to work out where more training would be a benefit. And it’s good practice for building a company culture where transparency and continuous improvement are valued.
Give us a ring on 0114 287 0510 if you’d like to have a free phishing simulation for your business.