Don’t Take the Bait!
Security Awareness Training
To combat what experts agree is the most common threat to your organization, Clarus IT Solutions has established an advanced managed training course to educate users and provide the necessary tools to proficiently evade multiple types of internet fraud.
What is Phishing?
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details via various forms of electronic communication. Email is the most common method, but evolving tactics include texting, VOIP vulnerabilities and social engineering.
Spear phishing attacks, a variation of phishing, target specific organizations or individuals. Spear phishing commonly will appear to come from an organization more closely tied and trusted by the user in attempt to obtain sensitive information.
Like phishing and spear phishing, ransomware attacks can come in the form of an email. If the user clicks a link or attachment, a virus encrypts the computer’s hard drive, rendering files inaccessible. This virus can spread rapidly and typically will attempt to encrypt any files it can access on the network. A message will appear threatening to destroy all data unless ransom is paid. Although these amounts demanded tend to be low, there is no guarantee they decrypt device hard drives once paid. If the business has a solid backup plan in place, then they may be able restore data. This can be a tedious process leaving the organization in disarray as IT tries to put the pieces back together.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details via various forms of electronic communication. Email is the most common method, but evolving tactics include texting, VOIP vulnerabilities and social engineering.
Spear phishing attacks, a variation of phishing, target specific organizations or individuals. Spear phishing commonly will appear to come from an organization more closely tied and trusted by the user in attempt to obtain sensitive information.
Like phishing and spear phishing, ransomware attacks can come in the form of an email. If the user clicks a link or attachment, a virus encrypts the computer’s hard drive, rendering files inaccessible. This virus can spread rapidly and typically will attempt to encrypt any files it can access on the network. A message will appear threatening to destroy all data unless ransom is paid. Although these amounts demanded tend to be low, there is no guarantee they decrypt device hard drives once paid. If the business has a solid backup plan in place, then they may be able restore data. This can be a tedious process leaving the organization in disarray as IT tries to put the pieces back together.
Why Should I be Concerned?
Phishing attacks prey on what no program can monitor – a users judgment. Whether entering credentials or simply clicking a link, repercussions of uneducated users falling for phishing attempts can be seriously detrimental to your organization. These techniques have been around for decades, but in recent years hackers have escalated their efforts exponentially and continue to refine their tactics.
According to the FBI, phishing attacks through email have accounted for more than $5 billion in losses between October 2013 and December 2016, with more than 24,000 victims – these are only reported incidents. The volume of spam emails have increased 4x in 2016 and it’s currently estimated that more than half of all emails are spam. Spam emails aren’t merely a nuisance, it is one of the primary delivery mechanisms for attack (IBM Threat Intelligence Index 2017). The trends of these attacks are consistently rising at a rapid pace. It is important to Clarus IT Solutions, as a managed services provider, to keep our users from becoming a statistic.
Phishing attacks prey on what no program can monitor – a users judgment. Whether entering credentials or simply clicking a link, repercussions of uneducated users falling for phishing attempts can be seriously detrimental to your organization. These techniques have been around for decades, but in recent years hackers have escalated their efforts exponentially and continue to refine their tactics.
According to the FBI, phishing attacks through email have accounted for more than $5 billion in losses between October 2013 and December 2016, with more than 24,000 victims – these are only reported incidents. The volume of spam emails have increased 4x in 2016 and it’s currently estimated that more than half of all emails are spam. Spam emails aren’t merely a nuisance, it is one of the primary delivery mechanisms for attack (IBM Threat Intelligence Index 2017). The trends of these attacks are consistently rising at a rapid pace. It is important to Clarus IT Solutions, as a managed services provider, to keep our users from becoming a statistic.
How do I Mitigate this Threat?
Clarus IT Solutions has a developed a fully managed phishing simulation and training program that will provide users with the knowledge to make good decisions when faced with these ever changing threats. Clarus’ anti-phishing approach is an annual offering to ensure confidence in users and business owners by reaffirming training with simulated phishing throughout the year. A regular training program reduces the likelihood people will click on phishing attacks by 96%.
Evaluate users susceptibility to phishing attacks to obtain baseline for training and future evaluation.
Thorough security awareness training via interactive training modules, videos, games, posters and newsletters.
Fully managed simulated phishing attacks. These will vary in timing and frequency based on customer needs. Content is dynamic and topical to ensure reliable analysis.
Detailed metrics related to training participation, training scores and phishing success/failure rates on a user by user basis. Reports generated monthly.
Users that fall for phishing attempts post training will be prompted to complete additional training. Focused one on one training will be initiated as needed.
Standard quarterly meetings to address progress and success rate. Frequency adjustable as necessary.
Clarus IT Solutions has a developed a fully managed phishing simulation and training program that will provide users with the knowledge to make good decisions when faced with these ever changing threats. Clarus’ anti-phishing approach is an annual offering to ensure confidence in users and business owners by reaffirming training with simulated phishing throughout the year. A regular training program reduces the likelihood people will click on phishing attacks by 96%.
The Clarus Approach
Effective training is never a one-and-done endeavor. It’s continuous.The bad guys adapt quickly and your training must keep pace. We don’t just hand over a paper brick and say “read this”. We monitor training closely and make sure users “get it”. We continually test your systems, analyze results, and optimize your company’s readiness.
Comments are closed.