In 2015, the number of phishing attempts on corporations has doubled between January and June. With the majority of your employees checking their email on secured and unsecured devices, this is a huge threat to your enterprise and needs to be addressed through technology and through your employee’s habits.
According the Proofpoint Threat Report to the first half of 2015, hackers have gone old school with phishing in the form of malicious email attachments. These attachments can be anything but they have been imbedded in Microsoft Office more than anything lately due to the trust people tend to have in it. Email attachments containing malware haven’t been so popular in recent years as a way for hackers to obtain sensitive corporate data and that could be the biggest reason why they have chosen to revive it. We’re not nearly as concerned as we used to be when it comes to opening attachments, especially when they come through work emails.
Unsure where to start in order to better secure your mobile devices? Whether it’s BYOD, CYOD or COPE, this Free Whitepaper will help you map out the best strategy for your company and all of your employees.
These threats make it more important than ever that you have a mobile security solution in place that assumes these threats will take root and will be able to effectively defend and protect against malware. As hackers discover more holes in your defense, particularly with human error, the more important it becomes for your mobile strategy to become smarter and more retroactive.
The general attitude towards opening emails from your corporate address isn’t as skeptical as is would be for a personal account for a few reasons. One is, most people have their corporate email displayed on a directory and on social media sites like LinkedIn so people who are looking for you can find you and contact you without a hassle. Getting emails from strangers in an enterprise setting is much more common and often serves as an introduction to someone or to another company making it much more likely to be opened.
The second is lack of understanding or comprehension of the mobile and end-point security in place. Most of the time, employees are told that there are security measures in place, giving them the impression that nothing bad can get through it. That may be the case sometimes, but this cavalier attitude can be just the opportunity hackers need to phish for information. These general notions have alerted hackers and made them realize that suspicions of phishing have been at an all-time low, making it the perfect time to reintroduce it.
Another major change seen by Proofpoint was the evolution of these phishing attacks to specifically target businesses. Not only are they targeting corporate email addresses, there has also been a surge of phishing malware on LinkedIn. Most people see a LinkedIn request and automatically accept whether they know the person or not and that’s kind of the point. Connecting with people in your industry can open up lines of communication where you can help each other out and it’s a great tool that people generally aren’t too cautious about.
Mobile threats will always be here and will always find a way to worm their way into your corporation, but by eliminating all variables and gaps they likelihood of a security breach that will cripple your company severely decreases.