Why is Phishing so Hard to Stop?
Phishing attacks are becoming more and more sophisticated and essentially rely on the unsuspecting recipient clicking a link in the email or downloading an attachment. Although email clients have various safeguards built in, phishing emails will still often get through to victims’ inboxes. In essence not all phishing emails can be stopped, but the potential effects can be controlled through staff awareness and training.
By nature, people are generally trusting and can be easily misled into clicking on what looks like an email from a legitimate source, especially if they are busy, distracted or expecting a similar email to arrive. Attackers take advantage of this and target victims with content and at times they are less likely to be on their guard. For example, late on a Friday afternoon, an employee might be more relaxed, busy finishing off the weeks work in anticipation of leaving the office for the weekend, keen to get home. They are less likely to be vigilant at this time than say on a Tuesday morning.
Staff awareness and training is therefore THE most important factor in surviving a phishing attack.