Phishing is the practice of using expertly written emails to make you accessing a harmful website, downloading a strange file or giving your password so that the hackers can access your personal data or a company network.
One example of phishing attack can be an email sent to recipients mentioning that the password will expire within 24 hours, and mention them to click on a link that takes them to a copy of renewal page from the original site. The hacker that is monitoring that page will receive the password and he will grant access to secure sections from your company.
Besides email account upgrade methods bellow are other phishing examples:
- Invoice Scam
- Google docs Scam
- Messages from HR Scam
- PayPal Scam
- Unusual activity alert Scam
- Dropbox Scam
- Man in the Middle
Always inform your IT colleagues if you believe you’ve fallen victim to a phishing scam, especially if you were using a business computer or email address. Always read carefully all the details in the emails that you received, and always keep your information’s safe and secure.
Try to Educate employees on how to identify attacks, Simulate phishing attacks with your employees and Incorporate cyber security campaigns so that you will be always prepared.