There’s a reason phishing is one of the most common cybercrimes – it works. Phishing costs businesses and individuals hundreds of millions of dollars globally each year.
Our company is responsible for a large host of digital and physical confidential materials and personal information around the world. Therefore, it’s important to take proper safeguards to protect customer, employee and company information.
Phishing attempts don’t stop at the business level. Cybercriminals attempt to gather individual’s information through personal email accounts. Having the skills to identify these attempted attacks won’t only help to protect the company, but also help protect the security of your own personal email account from hackers.
So, what is it and how do you know when you have been phished?
What’s Phishing?
What’s Phishing?Phishing is when cyber criminals send deceptive emails, website links and text messages to trick people into giving up sensitive data like passwords or credit card numbers. The criminals use stolen data to take over bank accounts, apply for credit cards, infect computers and infiltrate company networks, among other things.
Phishing is bad for individual victims whose personal data may be compromised, carrying serious consequences for businesses that result in significant downtime, hefty recovery costs and damaged reputations.
How does Phishing happen?
It’s not always easy to tell if you’re being targeted by a phishing attack. Phishing techniques change all the time and get more sophisticated every day. Hackers find new ways to tailor their scams, creating increasingly convincing messages that can trip-up even the most cautious people.
For example, phishing emails can be very official-looking and appear like they’re from a legitimate source, such as Amazon customer support, a bank, PayPal – or even our own company or vendors. Cybercriminals hide their presence in little details like the sender’s URL, an email attachment link and more (e.g. administrator@paypal.org.com instead of administrator@paypal.com).
Because requests often seem like they’re from trusted sources, anyone with the best intentions can be duped into responding – downloading an attachment, clicking a link, filling out a form, updating a password, calling a phone number or using a new Wi-Fi hot spot.
Recognising Potential Phishing Attacks
An important part of reinforcing our cyber security efforts is the ability to consistently detect and avoid phishing email attempts that land in your inbox. Following are some typical characteristics of the most common forms of phishing.
In a phishing email, cyber criminals will often ask for your:
- Date of birth
- Social security numbers
- Phone numbers
- Credit card details
- Home address
- Password information
Phishing attempts often include a request or demand for some urgent action. Common examples include:
- Opening attachments, including alleged invoices
- Clicking on links
- Enabling macros in Word documents
- Updating or confirming passwords or other personal data
- Responding to social media requests
- Using new Wi-Fi hot spots
- Reviewing suspicious activity or log-in attempts on an account
When it comes to phishing, it’s important to be vigilant. Condition yourself to look out for suspicious emails. If you receive an email and you are unsure of it’s legitimacy, remember:
If in doubt call it out – contact IT security at: IT.security@carnivalukgroup.com
We all want to be protected from cybercriminals to ensure we are safeguarding data for our Guests, employees and partners. We’ll be sharing more about phishing and what you can do to avoid taking the bait. Find out more about IT Security here and always make sure you keep IT on Your Radar.
If in doubt call it out – contact IT security at: IT.security@carnivalukgroup.com
Click on the buttons below to find out more.
Remote working
Phishing
Social media