One of the ever-increasing dangers on the internet
Every email user knows them and has had them in his or her inbox: phishing emails. Especially mass phishing e-mails in a familiar design, such as "Your account has been restricted due to suspicious activity", continue to enjoy enormous popularity among cyber criminals. Always paired with the request to follow a link to an often deceptively similar page in order to enter access data there, they unfortunately lead to success with numerous recipients and promise a profitable business. With these mails, the scam is basically always the same and comparatively trivial, but nevertheless promises great success compared to the little effort.
Spear phishing
In contrast to mass phishing to thousands of email addresses, the criminals in spear phishing take more effort and select their targets precisely in advance. E-mails are sent to company employees that appear to come from the company's own IT, business partners or customers. More and more often, they are based on existing situations. An impressive example that has caused damage on a gigantic scale is Emotet - it spread via email attachments and was able to read out the entire communication traffic of its victims and deceptively imitate it. These phishing e-mails are much more complex in their design and it is much more difficult to recognise them as such.
However, the majority of phishing e-mails that repeatedly land in the inbox can be defused with a few simple glances. To do this, however, employees need the little know-how they have. They need to internalise and know where dangers lurk and what to look for in incoming emails.
Cybercrime is much more than phishing
Unfortunately, cyber security does not end with the topic of email security on the staff side either. A trained approach to authentication procedures, for example, the use of strong passwords, the use of a second (and possibly third) factor and the ability to examine hyperlinks for their actual destination are just a few of the skills that need to be built up step by step and refreshed again and again. Because the dangers are no longer just lurking in the e-mail box. The increasing networking of all areas of life requires that employees build up comprehensive knowledge about all dangers on the internet. Incidentally, it is not only employers who benefit from this, but also the employees themselves in their own use of smartphones, computers and the like.
Sensitisation and training
Awareness-raising and training measures have become essential for companies and public authorities, especially because cyber criminals not only attack the technology but also the simple user.
However, it is often more difficult, especially for larger organisations, to really provide all employees with the urgently needed know-how. This is usually not feasible with training and small courses, also because the courses have to be repeated and new employees are constantly being added. Therefore, learning and training platforms have long been standard for this purpose. In e-learning portals, employees can find everything they need in one place and can build up, deepen and refresh their knowledge at any time. At the same time, employers receive proof that the training measures have been carried out, which is often also required by law.