NEW YORK (AP) — The next phishing email you get could be from your boss. Especially if you work for Twitter.
With high-profile security breaches on the rise, from Sony Pictures to Anthem, companies are on the defensive. And they want to make sure their employees are not a hack waiting to happen.
Data show phishing emails are more and more common as entry points for hackers. Unwittingly clicking on a link in a scam email could unleash malware into a network or provide other access to cyberthieves.
So a growing number of companies, including Twitter Inc., are giving their workers a pop quiz, testing security savvy by sending spoof phishing emails to see who bites.
“New employees fall for it all the time,” said Josh Aberant, postmaster at Twitter, during a data privacy town hall meeting recently in New York City.
Falling for the fake scam offers a teachable moment that businesses hope will ensure employees won’t succumb to a real threat. It’s even a niche industry: companies like Wombat Security and PhishMe offer the service for a fee.
Phishing is very effective, according to Verizon’s 2014 data breach investigations report, one of the most comprehensive in the industry. Eighteen percent of users will visit a link in a phishing email which could compromise their data, the report found.
Not only is phishing on the rise, the phish are getting smarter. Criminals are “getting clever about social engineering,” said Patrick Peterson, CEO of email security company Agari. As more people wise up to age-old PayPal and bank scams, for example, phishing emails are evolving. You might see a Walgreens gift card offer or a notice about President Barack Obama warning you about Ebola.
Image may be NSFW.Clik here to view.
