BR +55 11 3069 3925 | USA +1 469 620 7643

Learn how to prevent a phishing attack

by | Apr 14, 2020 | BLOG

Companies are increasingly concerned with information security in their infrastructure, considering that an insecure system is vulnerable to various types of cyberattacks, such as phishing, which is on the rise today.

This type of attack basically consists of invading computers, tablets, cellphones or any type of device connected to the Internet and collecting private data, such as passwords, bank account, documents, personal data, etc.

Companies that fall victim to phishing attacks can suffer incalculable damage to their finances. Therefore, adopting anti-phishing measures is essential to avoid becoming a target for hackers.

Today, I am going to list some essential tips for you to apply to your company’s system and prevent this type of cyberattack.

How a phishing attack happens

Typically, a phishing attack aims to target someone important within a company, such as CEOs, directors, and partners, in order to collect sensitive information from a corporation. For this to happen, hackers conduct in-depth research on the target and produce a strategy focused on that user in order to collect their credentials and important data.

In 95% of cases, hackers act by e-mail, requesting registration updates from the user and directing them to a fake page with the layout and features identical to the original one. The big difference is that all the personal information that is entered on this website are revealed to criminals.

After collecting the data of a highly-influential user of the corporation, the hackers’ actions usually do not stop.

There are many cases in which the data collected has been used to influence other people in the company to share their data with the victim of the cyberattack so that there is no doubt about the origin of the information provided.

Generally, the goal of these criminals is to get financial information by collecting information from credit card numbers, passwords, login data, etc. 

There is also the possibility of implanting malware on the corporate network after the data collection.

How to prevent a phishing attack 

Email

If you receive an email requesting data updates, DO NOT CLICK THE LINK. Visit the official website of the alleged sender and see if they are really requesting any registration updates. I recommend that you do not click even out of curiosity, since you may end up receiving some malware with just the click. Always check directly with the company.

Website

Always check the URL of the websites in which you put your information. Many of these fake websites use URLs that are similar to the original ones, such as:

www.xxxxbank.com instead of the original www.bank.com URL, which can make the user believe that the website is the original. Therefore, pay attention if you are really browsing trusted websites.

Firewall and antivirus

Always keep your computer’s firewall and antivirus on, both together will prevent malware from invading your system.

Make your corporation aware

Tell all employees at your company how to identify and prevent a phishing attack to make it more difficult for malicious people to access your employees’ personal information.

Top 7 Types of Phishing Attacks and How to Prevent Them

Social engineering, in the context of information security, consists of practices performed by hackers to manipulate users to take actions that go against their interests, exploiting their vulnerability and lack of knowledge for their benefit. One of the main types of...

ISO 27001 – What is the importance of having achieved the certification

The process of digital transformation has intensified in companies of all sizes and industries, and is considered an essential factor for business success. One of the main consequences of this process is the exponential growth in the amount of data from customers,...

Principle of Least Privilege: Understand the Importance of this Concept

Granting administrator access to a user who does not even have time to explain why they need this permission is not an efficient way to solve a company's problems but rather to harm its security.  This is because sensitive data can fall into the wrong hands through a...

How to Prevent DDoS Attacks in Your Company?

There are several methods by which malicious agents attack websites and destabilize network services and resources. One of the most widely used techniques is the DDoS attack, which means distributed denial-of-service. Through this attack, a website ends up becoming...

Gartner and PAM: What Does One of the Most Important Consulting Companies in the World Say About this Cybersecurity Solution?

All of us have already heard of digital transformation at some point. This phenomenon affects companies of all verticals and sizes and has been gaining prominence in the market.  Digital transformation increasingly requires organizational leaders to adapt their...