A report released this week by Britain’s National Cyber Security Center showed a 15-fold increase in the number of scams removed from the internet, saying the agency had taken more fraudulent sites offline in the past year than in the previous three years. combined.
In the first quarter of this year, according to government statistics, nearly 40 percent of businesses in Britain reported digital breaches or attacks, with an average cost for medium and large businesses of around 13,400 pounds, or $ 18,800. And the cost of a serious breach can be much more overwhelming: A study last year by the Ponemon Institute for IBM Security, interviewing 524 organizations in 17 countries, found that data breaches in 2020 cost an organization an average of 3.86 million dollars.
Phishing has also been used by scammers trying to scam grandparents out of their savings, by intelligence agencies for diplomatic information and leverage, and by IT departments to see if employees are paying attention.
“A well-designed enough phishing email will be clicked 100 percent of the time,” said Steven J. Murdoch, professor of security engineering at University College London, adding that all companies were vulnerable to phishing.
But testing employees with fake bonus emails was a “scam,” he said, adding that it risked damaging the relationship between companies and employees, which was crucial for safety. Some attacks, for example, come from disgruntled employees, he said. “The people responsible for fire safety did not set the building on fire,” he said of the tests.
Rather than discouraging employees from clicking any link, he said, the most effective strategies could include blocking phishing emails, installing software to protect against ransomware, and addressing the use of passwords.
Alienating employees also meant they were less likely to report suspicious activity to their company’s departments, a crucial method to prevent attacks from becoming more serious, said Jessica Barker, co-founder of Cygenta, a cybersecurity company.