Loose clicks sink ships.
Did you know that “Approximately 90% of attacks happen from end user error and a lack of training”?* *Continuum – 2019
In other words, when a user unknowingly or carelessly clicks on a malicious email, link, attachment, etc. it can cause critical damage to a company by allowing the bad actors direct access to your users and even systems. According to a Better Business Bureau study, “half of all small businesses would cease to be profitable in only one month if critical data were held hostage by a ransomware attack.”
Users can be the biggest defense or the biggest liability in preventing an attack against your company. Social engineering is increasingly common among bad actors using low hanging fruit tactics. For example, your most high-profile employee’s name being used as the “sender” name to try and prey on their superiors to gain knowledge, access, or even use them as a tool to commit fraudulent activity.
Would your employees or users be able to properly distinguish and identify the difference between a safe vs. malicious email?
It is important for all organizations to have employees enroll in some form of Security Awareness Training in order to properly identify harmful phishing or senders with malicious intent. Safe phishing campaigns and online training courses are ways to educate users by providing a hands-on experience to real world scenarios.