What is Phishing?
Phishing is a form of cyber-attack carried out by hackers with the aim of tricking users into providing them with confidential data and information. Research suggest that up to 45% of UK businesses have suffered and attack in the last 2 years, making it one of the most common forms of cyber-attack.
Common Techniques Used
Whilst the main goals of most phishing attacks are similar, to gather sensitive information, the techniques used by scammers from their targets can differ considerably. The following are some of the most common you should be aware of:
• Downloading Software – This phishing method involves hackers sending emails with links to a website or downloadable attachments whilst impersonating members of your organisation. When the link is clicked, or attachment downloaded, the hacker has access to download malicious software onto the device which will then retrieve any data they want.
• Invoice – Again, this method makes use of the hacker impersonating someone, in this case a supplier, bank or partner organisation. The hacker will send an email requesting your bank details or click a link, after claiming that there is an outstanding invoice to be paid. Either way the hacker is able to access your organisations bank account through the details provided.
• Supplier Delivery – This technique involves the hacker asking for updates to payment details before the delivery of an order can be made. The hacker will be impersonating a supplier which your organisation has recently placed an order with. When a user responds, the hacker has access to your payment information.
• Compromised account – The hacker will send an email asking you to reset your password for an account with a separate company that the hacker is impersonating. The email will claim your account has been compromised, and when you reset your password, the hacker is given access to your information.
In an ever-changing landscape of Cyber Threats, it is essential that you have the correct, robust cyber insurance policy in place.
For further information and specific cyber-insurance solutions, contact Bullerwell & Co Ltd today.
