Companies large and small rely on email messaging to communicate. However, most emails people receive aren’t meant to communicate at all. 85% of all emails are considered spam. While some spam is a mere inconvenience, spam can also include dangerous phishing attacks. Phishing emails are fraudulent messages meant to steal the recipient’s personal information. This menace can wear several disguises as it proliferates; 3 billion phishing emails are sent every day!
Phishing rarely stops at stealing personal information. More than half of all phishing emails contain malware. 184 million ransomware attacks happen per year, and that number is only going up.
The most terrifying aspect of cybercrime is that the victim can be anyone. From an unwitting individual to a corporate giant, anyone can fall prey to a cybercriminal’s scheme. The attacks on big businesses especially ripple across society, leaving a trail of destruction in their wake. When Colonial Pipeline suffered a ransomware cyberattack, their supply line was crippled. The whole United States had a massive gas panic.
If large businesses can’t rely on their massive array of resources to stay safe, imagine the impact cybercrime can have on smaller businesses. Over 60% of victimized small businesses close within 6 months of a phishing attack. The worst part of cybercrime is not the ransom payment itself. IT teams can take 83 hours to uncover malicious emails. Recovering from ransomware can cost a small business 6 weeks of their time. 6 weeks is a long time to go without serving customers.
Since customers must be notified of any data breach that may have hurt their data, many customers choose not to return to a business incapable of protecting their personal information. Between time out of the market and customer attrition, a successful phishing attack may deal a fatal blow to small businesses.
What can be done to protect against phishing? The first step is to train employees to recognize the signs of phishing. 85% of scams rely on human error to succeed; a link not clicked is a crisis averted. Next, verify all invoices and payments. A majority of attacks harvest credentials, leading to invoice fraud. Spot the discrepancies before there is no recovery. Finally, invest in email security programs. 43% of small businesses lack cybersecurity plans at their own peril.
Courtesy of Avanan