top of page
Phishing cards

PHISHING

Prepare your company for a phishing attack and prevent both financial and reputational damage!

What is Phishing?

 

Phishingis online scam through fake emails, websites or messages. The cyber criminal will try to convince you to click on a link or open an attachment with the aim of stealing data, obtaining passwords, making payments or taking over your computer.

 

These messages often contain afalse to trust aroused and responded to fear or urgency.

Phishing is a form of cybercrime. Another well-known form iscyber squatting

 

How do you prevent phishingonthis pagegives Mr.Franklin 5 tips to protect your company against cybercrime.

Mr.Franklin: your expert IT law & cyber security.

 

logo.png

While phishing messages were sent haphazardly a few years ago, were often impersonal and were sent with language errors to a large group of people, today the messages are sent in a much more targeted way. The messages are often tailored to the recipient, mimic the internal emails or newsletters of a trusted or proprietary company, and are sent from addresses close to the original. It is therefore much more difficult to distinguish the phishing messages from genuine email messages. 

Different types of phishing attacks

There existmany different types of phishing attacks. Below you can find an overview of the most common:

Whaling attack

A phishing attack in which the hacker poses as a person with a high position within a company in order to obtain payments or confidential information such as passwords or trade secrets.

CEO fraud

This is a specific whaling attack where the hacker poses as the CEO or CFO and an urgent payment order is issued to an employee within the company.

malware infection

Two-thirds of online virus or malware infections are caused by opening an email attachment infected with malware. 

Ransomware - Cryptolocker

An attack in which a company's data is encrypted so that it can no longer be used and in which the data is only released after a ransom is sometimes paid to the hackers.

Email/website spoofing

An attack in which the hacker pretends to be a company or service provider that the advertiser trusts with the aim of obtaining confidential information such as login details or inducing the person to open an infected link or attachment. With e-mail spoofing, an e-mail is sent from an e-mail address that is not really the sender's.  With website spoofing, a website is copied, for example from a bank, with the aim of obtaining the user's login details or payments.

 

Why is this important?

 

Phishing messages are becoming more and more common. Where some IT knowledge was previously required, phishing as-a-service packages are now offered at limited prices. Starting a phishing campaign has therefore become much more accessible and cheaper.

 

A phishing campaign is better prepared and is increasingly aimed at specific companies. This involves sending targeted messages to all employees in the hope of gaining control over part or all of the company's data and blocking it with a cryptolocker. Subsequently, (often high) sums are requested to release the data again. 

 

If the data cannot be unblocked immediately, this may result in inactivity, financial and reputational damage to your company. In some cases, the backups are also completely compromised, with all the consequences that entails.

 

TheGDPRalso imposes the obligation to train your employees adequately. Not only about handling personal data within your company, but also about using your IT devices correctly and reducing the risks of data leaks. Companies have already been sentenced toGDPR finesafter a data breach because the employees had not received sufficient training.

 

How can Mr. Franklin help you?

 

Tailor-made phishing simulations:

We offerphishing simulationscustom to. Phishing emails are sent periodically (from 1 per week to 1 per month) to you and your employees. Such periodic simulations raise awareness within a company and significantly reduce the risk of being phished in the future.

 

The results are periodically in adetailed reportdelivered with the results of the phishing emails and tips on possible measures to be taken. 

 

Price for an annual subscription of phishing simulations within your company starts from 500.00 € + VAT.

More information can be found on ourphished page.

Interactive phishing training tailored to your company:

We offer tailor-made training courses for your company, in which your employees learn to recognize the dangers of phishing and phishing messages in an interactive context and learn to recognize these messages. Employees are also taught what to do when (discovering) a phishing attack.

 

Price for a cybersecurity training in your company starts from 500.00 € + VAT

CONTACT USUS

For more information about our services, you can always contact us without obligation.

 

 

Oliver Sustronck

+32 486 27 53 05

olivier@misterfranklin.be

MrFranklin.jpg
logo.png
bottom of page