Recent research shows that not only individual users but also companies are vulnerable to phishing attacks. Stating that 85% of web application attacks in 2021 were carried out with stolen credentials, Komtera Technology Sales Director Gürsel Tursun shares 4 cyber security recommendations that should be considered for companies that want to be protected against worrying phishing attacks.
Phishing attacks remain one of the most common security problems faced by companies. Hackers are increasingly targeting cloud services and infrastructures using credential stuffing, phishing and other identity attacks. According to Verizon’s annual Data Breach Investigations Report, stolen credentials were used in 85% of web app attacks in 2021. “With the transition to a hybrid workforce, it has been very challenging for security teams to manage.” According to Komtera Technology Sales Director Gürsel Tursun, in his statement, companies as well as individual users are greatly affected by phishing attacks. Underlining that companies do not know enough about protecting and managing the identities of individual users as well as protecting their own identities and data, Tursun lists 4 effective cyber steps that companies should follow in order to be protected from phishing attacks.
Insufficient Security in Data Sharing Permissions Increases Attacks!
Hackers, who want to seize personal data and make big profits, target companies as well as individual users. The lack of control and security vulnerabilities in data sharing permissions empower hackers to develop new strategies for organizations and make cyber attack plans. “The adoption of the cloud with remote workforce brings organizations to the point of taking security measures like an individual user, protecting themselves against malicious phishing attacks.” In his statements, Komtera Technology Sales Director Gürsel Tursun underlines that companies should take precautions so that they do not become victims of phishing attacks. Stating that the purpose of attacks with stolen credentials is to access corporate resources, to act laterally over a corporate network even if this data belongs to an extremely privileged user, and to harm the company, Tursun lists the cyber security steps that should be implemented in companies that want to be protected against phishing attacks.
2. Get fast reporting.
Get help to send reports in the fastest way by setting up a filter system against fraudulent e-mails. Quickly filter incoming emails to identify potential risks and ensure that they are forwarded to the spam box or rebuffed.
3. Verify the security of sites.
There may be various links and links in incoming e-mails that exceed filtering. When entering these sites, you should check that the URL starts with “https” and there is a closed lock icon near the address bar. You should also never open a website after receiving a warning that the site may be unsafe, and avoid downloading files from sites that appear malicious.
4. Train your employees.
Provide regular cybersecurity training to your employees so they know and identify phishing scams, malware and social engineering threats.