Oregon Agency Reports Phishing Attack Affecting 350,000
Incident Among Largest Health Data Breaches So Far in 2019
… So, despite the warnings and training about phishing attacks, why do employees at so many organizations continue to fall for victim to these scams?
“Criminals are very crafty at making phishing emails look real. Also, people are sometimes in a hurry to read [or] respond to email and don’t pause to ask themselves if an email is legitimate,” notes Keith Fricke, principal consultant at tw-Security.
As phishing scams become more sophisticated, organizations need to stay vigilant to defend against such attacks, experts note.
… Fricke offers a similar perspective. “Some organizations do not conduct internal phishing campaigns to test their workforce and require follow up training for those failing the exercise. The lack of training and awareness is a contributing factor.”
Technology tools, of course, are also critical in the ongoing, and escalating battle against phishing attacks, Fricke adds.
“Technologies that filter spam and some phishing are a good and necessary start. Implementing two-factor authentication into email is important, as it reduces the opportunity for criminals to compromise a legitimate email account and use it to make recipients believe that fake emails are coming from an email account they are familiar with,” he says.