Preventing phishing – A serious threat to organisations

Phishing – A serious threat to organisations 

Our expose begins with a simple question. What is phishing?

In a nutshell, phishing is a fraudulent attempt to trick people into revealing sensitive information such as usernames, passwords, credit card details etc. by cybercriminals disguised as a trustworthy party. While phishing attackers can disguise their attempted phone calls and messaging applications, email remains a widely exploited means to reach users easily. The goal with email phishing is to hoax the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.

Sadly, it is one of the oldest types of cyberattacks in the book, dating back to the 1990s. To this day it is still one of the most widespread and pernicious, with phishing messages and techniques becoming increasingly sophisticated.

In the wake of Coronavirus (COVID-19), phishing has taken yet another dimension. Due to the lockdown measures imposed globally, to contain the spreading of the disease, most organisations have had to shift to a Work from Home model of operations to maintain business continuity.

Having been caught off guard with this unprecedented situation, companies have had to re-engineer their networks to cater for remote access capabilities. These measures have had to be urgently implemented to provide staff members access to their systems and applications. Organisation have seen their attack surface grow as employees have started working from home without the same security controls, as they would usually have at the office.

Cyber criminals have been exploiting the vulnerable position companies find themselves in, to send phishing emails claiming to have important updates or encouraging donations while impersonating trustworthy organisations. The fraudulent practice can flourish in the current situation as recipients are induced to reveal personal information, such as passwords and credit card numbers. This when successful, creates havoc for companies through loss of sensitive information as well as money.

In this moment of deep crisis and uncertainty, companies are focused on keeping operations afloat. However, it is critical to also ascertain organisations remain secured and that cyber threats are avoided at all costs. This is where Rogers Capital Technology comes into play.

Our free phishing campaign can immediately be deployed to employees by the IT department to generate the required awareness. At your disposal is an automated platform in partnership with KnowBe4, the world-renowned information security awareness platform available in Mauritius.

Key features of the FREE service include:

  • Operational from day 1
  • Tests for up to 100 users
  • Customised landing page users see after the click
  • 25+ COVID-19 phishing templates
  • PDF report with Phish–prone % & data, emailed in 24 hours
  • In-built Learning Management Solution for customised enterprise learning.

Make the most of this free and no–commitment tool today. Secure your enterprise network, empower employees and avoid phishing attacks!

Contact us

ASHISS SOOBHUG

Manager – Information Security Advisory

securityadvisory@rogerscapital.mu