Latest News

In 2019, attackers are phishing targets to retrieve sensitive information that ultimately leads to data compromise. Phishing is the technique where a malicious actor lures a victim into revealing sensitive information. This can be through large “spray-and-pray” type campaigns involving multiple recipients or, a more targeted approach crafting attacks for specific individuals, known as Spear Phishing. Phishing has been around since the early days of the Internet as one of the oldest vectors of attack.

Phishing

Some key facts about phishing:

  • 9.2 million suspicious emails were sent in 2019
  • 68% of phishing websites use the https protocol
  • Phishing is the biggest cause of security breaches (Are we even surprised?)
  • Smaller organisations receive higher rates of phishing emails than larger companies.

Security awareness is a key way to address this issue. This is nothing new, but as an industry we’re still not doing enough to help educate our colleagues, families, and friends. An organisation could confidently say they have met peak maturity when every employee is performing the duties of a security guard to identify when something isn’t right and report it. Achieving this is a journey that requires constant training and awareness.

API Security

Here are the top 5 tips to avoid getting phished:

  • NEVER click on something you’re unsure about or were not expecting.
  • NEVER submit credentials after following a link in an email - always go directly to the site.
  • If you have mistakenly submitted credentials or clicked on something that doesn’t look right, RESET your password and REPORT it.
  • Use Multi-Factor Authentication (MFA) - there’s really no excuse for not using it in 2020.
  • Lastly, if you’re unsure about the legitimacy of an email or are ever in doubt, send it to your cybersecurity team. Everyone should know how to do this (for example: This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it.).

At Privasec, we can help identify your current exposure level through phishing exercises, or even conduct complete red team engagements to find vulnerabilities so you can remediate and work towards securing your assets. 

Call T(AU): 1800 996 001, T(NZ): 09 222 4725, T(SG): +65 6631 8375, T(MY): +603 2788 3709 or email This email address is being protected from spambots. You need JavaScript enabled to view it. and talk to one of our experienced consultants.

Join Privasec Team