88% of Employees Lack Cyber Security Awareness

MediaPro recently conducted a survey focusing on cyber security, which included eight specific security scenarios.  The survey was completed by 1,000 U.S. employees.  After completion of the survey, it was determined only 12% of the respondents have enough cyber security awareness to prevent privacy issues or a cyber attack.  It was also determined, based on the results, that the riskiest behavior was lack on incident reporting.

Another astonishing factor is 25% of all respondents failed to identify a phishing email that came from a questionable email address.  This is particularly worrisome, because according a recent study conducted by PC Matic Pro, 64% of IT Pros believe phishing attacks will be the primary attack method by cyber criminals.

Here are a few quick tips for you to use to help identify if an email is indeed a phishing attack:

1. Check the “From” address – Is it someone you know, or an email you’re expecting?
2. Look at the content of the email – Is it asking for personal information such as bank information, login credentials, date of birth, social security number?  If yes, why would you be getting this email?  Are you expecting it?  Are you certain it is a reputable source?
3. Check the hyperlinks within the email – You can do so by hovering over the hyperlink without clicking on it.  This will show you where the hyperlink is taking you.  Be sure this is a legitimate address.  Also, ensure the hyperlink is taking you to a secure website.  You can identify this by seeing an https:// instead of http://
4. Spelling errors and typos – Often times cyber criminals are careless, and include some kind of typos within the email.  This is a good sign it could be a phishing scam.
5. Attachments – This is one of the major ways ransomware is being spread.  Many times the content of the email will create some form of urgency such as a “billing invoice”, “tracking information” or something of the sort.  Again, be sure to check all of the above before opening any attachments that are sent to you.

Also, here are a few best practices tips that could help you avoid becoming the next phishing scam victim:

1. If you ever question an email, reach out to the original source.  Do NOT hit reply, because if it is a scam you’ll be sending questions to the cyber criminal who will most definitely put your mind at ease about the legitimacy of the email.
2. If the email is coming from a company or banking institution, log in to their website directly.  Do NOT click the link within the email.  Check this out, www.wellsfargo.com compared to vvww.wellsfargo.com.  The second is a fake, using two “v”s instead of a w.  I think it’s rather noticeable, but for someone who merely glances, it could easily be passed off as a legitimate website.
3. Follow your gut.  If you’re getting an email from “Amazon” providing you tracking information on a package, but you haven’t ordered anything–chances are you’re being phished.
4. Lastly, all PC Matic Home subscribers are encouraged to take advantage of the free cyber security training offered with their subscription.