Recently, every user at a customer of ours received an email like the one below. (Names have been changed.)
Kindly send me a mobile number I can reach you on.Regards, Susan S. Doe
Executive Director at [Jane’s Employer]
Of course, this email did not come from Jane’s boss. It came from a spammer. One of the recipients responded to the spammer with her cell phone number. It could have been much worse. What if the email had requested sensitive customer or employee information (think social security numbers, bank account numbers, a customer’s intellectual property, etc.) or even a large funds transfer?
Most breaches occur through this type of social engineering scam. Virus protection, VPNs, firewalls, and all the other cyber security protections we provide cannot prevent users from revealing sensitive information out of ignorance or naivete.
Some companies apply an “external” banner to every email that comes from outside the company’s email network. But alarm fatigue reduces the effectiveness of these warnings.
So how can we help employees to recognize these types of scams and arm themselves against them? The answer is cyber security awareness training. The goal of cyber security awareness training is to help employees become more aware of phishing scams, hacking attempts, social engineering attempts and other cyber security threats.
Affordable online cybersecurity training will teach your users how to identify phishing and other scams and how to enhance their security. The training is self-paced, requiring users to complete a series of modules on various cybersecurity threats. It can also be customized to the needs of your company.
If it saves your company from one breach, the training will have paid for itself many times over.
And if a breach does happen, the training helps demonstrate that you performed your due diligence to protect against an attack and were not negligent.
If you would like to learn more about our cybersecurity training offering, please reach out to us by email or phone.