Cybercriminals target computer users at home and at work, sending fake emails to solicit personal information. They might fake an email from a bank, trying to get account details. Or they might hack a friend’s email account, then send emails to make targeted victims think their friend is in trouble and needs financial help. These are just a couple of examples of phishing. Without proper training, it’s all too easy to become a victim.
Phishing accounts for 90% of data breaches, according to Retruster. And phishing is growing. Cybervillains create about 1.5 million new phishing sites each month. Unfortunately, they’re working—76% of businesses admitted they were victims of phishing in the last year, and a surprising 30% of phishing email messages are opened by targeted users.
As cybercriminals become more professional, their phishing attempts become cleverer, so even a sophisticated computer user might fall for them. Your employees might receive an email that looks like it’s from a legitimate business telling them they must urgently reply to the email or visit a website to update or verify information. Many of these phishing attacks look so convincing that your employees bite. But once an employee clicks the link or goes to the spoofed website—which may look nearly identical to a bank’s, credit card’s, or other trustworthy institution’s site—they’re prompted to enter PINs, Social Security numbers, or other information that the hackers immediately steal.