Should HR Be Concerned About Cybersecurity And Phishing Scams?

Question:

Lately, I’ve been hearing a lot about cybersecurity and phishing. What is it and does HR need to be doing anything about it?

Answer:

You’re concerned. That’s good! Phishing is a complex problem that is not easy to deal with. The Federal Trade Commission describes phishing as “when internet fraudsters impersonate a business to trick you into giving out your personal information.” While this is a good definition, it isn’t comprehensive. Phishing at its core, is not reliant on any form of technology. Phishing in and of itself is using the perpetrators wit and guile to persuade the victim to ignore common sense or best practices and give them the requested information or object.

Phishing is something that you must be prepared for at any time. How are you supposed to know when someone is going to try and trick you into giving them information? As such, there are three major things to remember and make sure your employees are aware of:

  • Check phishing reports quarterly to see what’s trending and what’s changing with how the common scams operate.
    • Kaspersky Labs, maker of Kaspersky Antivirus, publishes a quarterly report containing examples, trends, and statistics of everything that has happened in that quarter.
  • Always be sure to double and triple check who’s asking you for information.
    • Attackers are becoming more and more intuitive in how they reach out to you. It doesn’t matter whether it’s your mother, your boss, or your best friend who emailed you, check where the email came from and be certain before you respond.
  • Never let your guard down.
    • This is probably one of the most important things to remember. It’s not easy to do, but phishing is only a problem if it succeeds. And phishing will succeed. We’re all human and we will make mistakes. It’s these mistakes that attackers capitalize on. Remember these three rules, and you’ll be much safer and prepared to deal with any phishing scams that come your way.

Thank you to Tyler Throckmorton with SafePhish for sharing your insight on cybersecurity and how to train employees to be aware of the scams.  

It’s not negative thinking to plan for a devastating event that could harm employees or impact your company’s ability to function – in fact it’s a good business practice. Bad things happen, but it’s how we prepare for and recover from a disastrous event that often leads to success or failure. Strategic HR, inc. has a variety of resources to help you prepare for such emergencies. Visit our Health, Safety & Security page to learn more about how we can help you with your Emergency Preparedness needs OR pick up our Emergency Preparedness Toolkit and do-it-yourself.