COVID-19 showed us just how easily criminals could jump on an opportunity. Phishing rose by 67% since the start of the pandemic, with many of these attacks directly referencing the pandemic and using it to appear legitimate. Without sufficient training, this could happen to any business, and many that believed it wouldn’t happen to them, have had a rude awakening over these past 18 months.
Some notable examples of pandemic related phishing
Mimicking the WHO
Many hackers have sent out phishing emails over the past 18 months posing as members of the World Health Organization. These emails have duped people into clicking on malicious links or sharing sensitive information.
Faking the IRS website
One particularly cunning phishing attack was SMS-based. Hackers sent victims a text message in the name of a ‘COVID-19 TREAS FUND.’ When someone clicked on the link they would be redirected to a website identical to www.irs.gov before the site collected their data.
Out of the scams that unfurled in 2020, those are just the tip of the iceberg. With many more like them, the likelihood of one careless error, causing data loss, downtime, hefty penalties, lawsuits, or even permanent closure is too high to take a chance with. Businesses need to therefore close the gap between the preparedness and efficacy of their backup and their security defenses.
This is where backup and cyber security training come in
Backups can be a lifesaver for your business by protecting your valuable business data from being deleted or altered by cybercriminals. Although the pandemic acted as a catalyst for backup adoption, only 41 percent of businesses actually back up their data at least once a day. This is far from optimal. A business should backup their data on the hour at the bare minimum and regularly test it. On top of protecting your data, backups can help reduce downtime, improve your business’ reputation and act as a single access point for your entire database.
There are two main reasons why cyber security training is important. Firstly, the more obvious; it empowers employees to easily spot and ignore phishing, acting as a business’s human firewall. But training also helps to reduce the likelihood of a negligent employee threatening your business. With sufficient training, acts like carelessly sharing or deleting business-sensitive data are far less likely.
Empower your business
Both backups and security awareness training are equally important when it comes to protecting your business so it's crucial you don’t choose one over the other. To make sure your business is safe, not sorry, a proactive approach is key here, as it costs far more to remedy a cyber-attack than to adequately prepare for one. If you want to start implementing backups and comprehensive security awareness training, click below to get in touch with one of CMI’s experts today.