Since the start of the pandemic, many businesses have shifted to remote work. Cybercriminals saw the opportunity to target businesses’ remote users leaving unprepared businesses vulnerable to cyberattacks. Phishing attacks have become one of the most prominent data security problems for a number of businesses in South Africa.
“Remote working increased organisation’s reliance on email, creating the perfect conditions for email fraud and phishing,” says Riaan de Villiers, business analyst at LAWtrust Information Security.
In the Mimecast State of Email Security 2020 study, businesses in South Africa reported a 53% increase in phishing attempts and a 46% increase in incidences of impersonation fraud compared to previous years.
Email is a common channel used for phishing attacks. Attackers masquerading as legitimate entities attempt to get victims to reveal personal information to use for malicious activities. Phishing attacks can also be carried out through various other channels, such as social media and phone calls.
“Many businesses are unaware of their vulnerability to phishing attacks and the devasting effect a phishing attack can have on a business,” adds de Villiers. Businesses should take comprehensive measures to protect important data from hackers.
Here is how businesses can protect themselves against phishing attacks:
* Install an anti-phishing toolbar – Business owners who want to protect themselves against phishing attacks can use an anti-phishing toolbar. Anti-phishing toolbars screen all of your web clicks and block possible malicious attacks.
* Update your security software – Another way to prevent phishing scams is to install and update security software. There are a variety of tools that can be used to prevent phishing attacks, including antivirus applications, spam filters, and firewalls. Businesses can also deploy web filters to prevent employees from visiting malicious websites.
* Watch out for emails from unknown senders – Businesses should be on the lookout for unsolicited emails or emails from unknown sources. As an additional measure, you can also manually block emails from specific addresses so that you no longer have to deal with them.
* Organise security awareness training for your employees – To prevent phishing emails, businesses must also provide employees with the appropriate training programmes. They will be able to protect business data by becoming familiar with the patterns of such emails. A good security awareness programme is crucial to achieving a high level of security.
* Set up two-factor authentication – It is vital for businesses to enable an extra layer of security on top of just using passwords, particularly for important accounts. Using two-factor authentication will make it harder for unauthorised users who may want to access company data.
“Knowing how to safeguard your business’ sensitive information should be a security priority since many businesses are likely to become victims of phishing attacks at some point,” concludes de Villiers.