Phishing Protection and Email Security
Phishing and social engineering are cyber threats affecting Australian businesses of all size.
What Is Phishing?
Did you know that industry reports show that over 90% of the data breaches start with a single phishing email, and the most common cyber security threat in Australia is phishing?
Phishing can mean you and your clients are defrauded, have your passwords and payment details stolen, have your data held to ransom, have your clients confidential information stolen and sold on the dark web, have hackers impersonate you and contact your clients, and have all of your emails and documents maliciously deleted or permanently encrypted.
The Australian Competition and Consumer Commission (ACCC) reports that phishing is the most prevalent cyber-threat costing Australian businesses $3.8 million annually.
Cybercrime is a serious business run by organised crime. Australian businesses in professional and financial services and healthcare are major international targets.
Contact us now to learn how we can protect your organisation from cybercrime.
Types of Phishing Attacks and Scams
The average cost of a data breach is $201 per customer record, and a whopping 70% of customers would stop doing business with a company if it experienced a data breach.
Any interaction with a deceptive email could enable the attacker to steal sensitive information from your organisation such as your clients’ records, confidential files and your passwords.
A profitable extortion scheme mainly delivered by emails with malicious file attachments. By merely opening a Word or PDF document, ransomware can permanently block access to your valuable files unless a ransom is paid.
Attackers impersonate your organisation’s CEO, a senior executive or a trusted vendor targeted emails to specific employees in finance, or purchasing requesting an urgent transfer of funds, that they send a confidential file, or perform some other action which compromises or defrauds your business.
Payment Redirection Fraud
This cyber attack is a class of Business Email Compromise (BEC) fraud, whereby organised criminals break into work email accounts through phishing. The goal is to hijack bank transactions by changing payment instructions in email correspondence between your staff and clients or staff and your suppliers.
How Phishing Scams Affect Your Business
Internet cybercrime is operated by international crime syndicates. The glory days of the teenage hacker causing mischief is a nostalgic dream. These guys are out to do you harm.
The immediate consequences of a cybercrime to your organisation are:
hackers misdirecting money transfers, trust money or settlement funds;
hackers impersonating staff members and emailing clients fake invoices, or fake payment directions;
interruptions to your business operations, or in some cases bankrupting your business;
unexpected expenses related to remediation of your IT systems, such as hiring security consultants, performing expensive data-recovery, or repairing/replacing systems post-breach and forensics analysis;
compliance with Notifiable Data Breaches (NDB) Scheme legislation meaning data-breaches may need to be reported publicly or you being fined for failing to comply with NDB obligations; and
breaching obligations in trust money and trust records practices.
The long-term damage from cyber attacks includes:
the loss of your business’s reputation;
the loss of existing and future clients;
unwanted media attention and social media rage;
legal action by your clients or customers for professional negligence and other lawsuits.
Phishing Protection Services
Our comprehensive range of services can protect your organisation from the different types of phishing.
Managed Anti-phishing Service
Stop cyber threats right at the gates. Our fully managed anti-phishing service relies on state-of-the-art technologies such as intelligence-sharing and machine learning to block phishing emails before they reach your employees’ mailbox.
Phishing Awareness Training
When all technology fails, your last defence line is your staff. After all, it is a human clicking on a deceptive web link or authorising a payment transaction.
We can prepare your employees with our classroom-based training courses, webinars and online videos to identify the latest online threats and respond to them appropriately.
Phishing simulation is an effective way to test and train your the security awareness and susceptibility to social engineering tactics, spear phishing and ransomware attacks of your employees.
We can identify the vulnerable segments of your staff (i.e. those who fell for social engineering) by phishing them with campaigns resembling real-world attacks, them train them with the appropriate education.
Phishing Protection Consulting Services
Mimecast, Proofpoint, Mailguard or something else? We are happy to acquire, implement, operate and support the anti-phishing solution of your choice throughout the full lifecycle.
We can work with you as an extension of your IT team or as a partner to help you achieve your security objectives.
Security Audit and Hardening of Your Email Platform
Did you know that the default settings of the two most popular email platforms may leave your business vulnerable to cyber attacks? Email services such as Office 365 and G Suite are not configured with cybersecurity best practices by default.
Our experts can perform a security audit of your email platform, make recommendations and implement them to ensure you have the most secure mail platform settings to reduce the risk that your business becomes a victim of fraud.
Data Protection and Cloud Backup
Our backup service will create point-in-time recovery points to protect your important files and emails from accidental or malicious deletion (e.g. ransomware) and corruption.