That’s right; you read it correctly. Canadian companies are most likely to pay ransomware demands and ranked among the highest for lost revenue and business interruption, according to a 2016 Osterman Research report on 5,400 IT staff across Canada, the U.S. the U.K. and Germany.
And don’t think cybercriminals are only going after large organizations. They’re finding smaller organizations to be easier targets as they are more likely to have fewer security measures in place.
Over 90% of all Phishing attempts now contain ransomware. Phishing is a term which refers to attempts to gain sensitive information such as usernames, passwords and credit card details, for malicious reasons. In this case, cybercriminals obtain this information through an email (or other electronic communication) disguised as originating from a trustworthy source such as a bank, delivery company or even a co-worker or friend.
Phishing attempts are becoming increasingly prolific and sophisticated. Since success of a Phishing attempt requires a live person to respond in some way; usually by clicking on a link or attachment, the best line of defense is employee education.
How to educate employees has been a challenge up until now. BSC recently introduced a service that includes delivery of fake Phishing emails, which then yields reports on who “clicked” where they shouldn’t have. These employees are directed to inter-active on-line training videos that educate them on what to look for, before “clicking”. A library of training videos is included with the service on a variety of IT security-related topics, to be viewed on-demand.
For more information on our Phishing Security Testing & Training service, give us a call or email firstname.lastname@example.org.