TAMPA BAY, Fla., Aug. 6, 2013 /PRNewswire-iReach/ — The American public and businesses today are under a constant, ever-growing threat of attack from cybercriminals who attack as many people and businesses as quickly and effectively as possible in order to access large amounts of sensitive information. In the first half of 2012 alone, there was an average of almost 33,000 phishing attacks per month, with an estimated worldwide loss of nearly $700,000,000 from phishing scams alone (1). Internet security awareness training firm KnowBe4 has long spoken out about the rise of cybercrime, and is now predicting an unprecedented level of hacking—persistent spear phishing.

(Photo: http://photos.prnewswire.com/prnh/20130806/MN58349)

Spear phishing consists of a phony, but authentic-looking, e-mail designed to target a particular individual or organization, in an attempt to “fish” out valuable information for financial, business or military gain—it differs from traditional phishing attacks in that it is not typically initiated by indiscriminate hackers, but rather is more likely to be conducted by criminals out for financial gain, trade secrets or military information. KnowBe4 founder, Stu Sjouwerman, says that criminals are now becoming relentless in their attempts, and will continuously attack the same target until they get the information they seek, an act he has coined “persistent spear phishing.” And these attacks, per Sjouwerman, leave both businesses and the general public at risk of being targeted:

45% of banks have seen an increase in spear phishing attacks targeting employees over the last year;
Criminals target consumers by relying on personal information collected from public posts on social media sites and blogs, as well as with data collected from other breaches, to make the fraudulent e-mails appear legitimate. They ultimately convince consumers to click links that take them to spoofed sites which contain malware, or to provide login usernames and passwords that allow the attackers to compromise online banking accounts (2).

“Spear phishing creates a domino effect—once a business has been infiltrated, a hacker potentially has access to everything,” said Sjouwerman. “At that point, all the company can do is attempt to halt the attack and recover any stolen information. But the best bet is to prevent these incidents from occurring in the first place.”

Avoid Becoming a Spear Phishing Victim

Sjouwerman insists that businesses and the public can limit their risk of falling victim to persistent spear phishing attempts by remembering the following:

Be wary of e-mails that appear to be genuine but redirect to strange or unknown links.
Never click a link to a website contained within an e-mail—always enter the URL manually instead or through a bookmark.
Legitimate businesses will never request personal information via e-mail. Never reply to an e-mail providing any sensitive information—if in doubt, contact the business directly using a verified telephone number.
Keep the Operating System, third party applications, firewalls and antivirus software constantly updated. Many browsers come with phishing filters, and these should be enabled for better protection against attacks.

In addition to the above tactics, Sjouwerman suggests that business owners consider educational resources for employees.

“For business owners looking to introduce security awareness training programs, engaging employees with an actual encounter of being spear-phished by sending out mock spear phishing e-mails is often an effective measure,” said Sjouwerman. “Imitated persistent spear phishing e-mails present a memorable and highly relevant experience to employees, and also train them to properly react when a spear phishing attempt arrives in their inbox. Employee education and heightened awareness are more important than ever.”

KnowBe4 provides an extensive collection of free cybercrime education resources so that executives and system administrators can arm themselves and their staff against cyberattacks. The company also offers a free phishing security test to help business owners and managers determine what percentage of employees are Phish-prone™, or susceptible to phishing attacks.

For more information, visit KnowBe4 online at www.knowbe4.com.

About Stu Sjouwerman and KnowBe4

Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Internet Security Awareness Training (ISAT) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500, Company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. He and his colleagues work with companies in many different industries, including highly-regulated fields such as healthcare, finance and insurance. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.

1. “Phishing in Season: A Look at Online Fraud in 2012.” RSA.com. RSA FraudAction Research Labs, n.d. Web. 19 Feb. 2013. blogs.rsa.com/phishing-in-season-a-look-at-online-fraud-in-2012/.

2. Kitten, Tracey. “FBI Warns of Spear-Phishing Attacks.” Bankinfosecurity.com. Bank Info Security, 02 July 2013. Web. 25 July 2013. bankinfosecurity.com/fbi-warns-spear-phishing-attacks-a-5878/op-1.

Media Contact: Karla Jo Helms, JoTo PR, 888-202-4614 ext. 802, khelms@jotopr.com, www.jotopr.com

News distributed by PR Newswire iReach

SOURCE KnowBe4, LLC


Avaya 9611G VoIP Phone 4-Pack 700510904 9611D02C-1009 700510904 | New Sealed picture

Avaya 9611G VoIP Phone 4-Pack 700510904 9611D02C-1009 700510904 | New Sealed

$129.95



Avaya 700513916 J139 IP PHONE picture

Avaya 700513916 J139 IP PHONE

$95.00



Avaya 9621G Digital Gigabit VoIP Office Phone Color Touchscreen PoE picture

Avaya 9621G Digital Gigabit VoIP Office Phone Color Touchscreen PoE

$19.00



AVAYA J159 IP Corded Desk Business Phone 700512394 picture

AVAYA J159 IP Corded Desk Business Phone 700512394

$99.99



AVAYA IP Office IP500V2 Combination Card w/4 Analog Trunks ATM V2 700504556 picture

AVAYA IP Office IP500V2 Combination Card w/4 Analog Trunks ATM V2 700504556

$39.00



Avaya J179 Gigabit IP Phone (700512394) - Brand New w/1-Year Warranty picture

Avaya J179 Gigabit IP Phone (700512394) - Brand New w/1-Year Warranty

$143.95



Avaya J179 Color Display 8-Line IP Desk Phone / 700513569 - New / Sealed picture

Avaya J179 Color Display 8-Line IP Desk Phone / 700513569 - New / Sealed

$99.99



Avaya 9641GS Touchscreen Gigabit IP Deskphone Factory Reset picture

Avaya 9641GS Touchscreen Gigabit IP Deskphone Factory Reset

$35.00



Avaya AL7000MS1-E6 7008XLS-MDA 8-Port 10G SFP+ VSP7000 Module picture

Avaya AL7000MS1-E6 7008XLS-MDA 8-Port 10G SFP+ VSP7000 Module

$399.99



AVAYA ION SA5610-SAL EDITION FIREWALL SECURITY APPLIANCES API TECHNOLOGIES GOOD picture

AVAYA ION SA5610-SAL EDITION FIREWALL SECURITY APPLIANCES API TECHNOLOGIES GOOD

$199.99