Phishing emails make up 1% of all emails sent, which means an astonishing 3.4 billion of them hit inboxes every day. It is therefore only a matter of time before somebody in your team accidentally clicks a link.
Clicking on a link in a phishing email can leave a business vulnerable to data loss, so it is crucial that you and everyone in your organisation understand the right steps to take in the event of accidentally responding to a phishing email.
Phishing emails can be sent to anyone at an organisation, and even people such as fraud managers or IT security staff can fall victim to a cyberattack. Companies should have a cyber security policy and a security awareness training programme in place that help employees take the correct actions.
These are the steps that need to be taken after clicking a phishing link:
1) Report the incident
Your first step should always be to report the incident to your relevant internal team.
By immediately reporting the incident to the relevant team, such as the IT security incident team or service desk, action can be taken to prevent other people in the organisation from doing the same thing.
It’s important to note, however, that employees might be embarrassed that they have been tricked by a scam and be hesitant about reporting the incident. This is why it’s so important that your organisation provides training and awareness that encourages employees to report security incidents without fear that they will be in trouble.
2) Change login passwords
One of the ways that data is compromised through phishing attacks is by tricking people into providing their login credentials, so it is vital that your passwords are changed as soon as possible after a phishing attack.
In many cases, a victim will use the same password for numerous accounts, which can cause a chain reaction of breaches across their accounts. As such, you will need to update all of your passwords as soon as possible.
Passwords should be difficult to guess and training should be provided to ensure that employees know how to set difficult passwords.
3) Investigation of the attack
Once a phishing attack has been reported, the relevant team should conduct a thorough investigation into the circumstances. Endpoint analysis will help to identify if any malicious software has been introduced onto the PC or network.
The investigation should help to decide whether there is a specific security process or system weakness that requires strengthening.
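One practical part of the investigation is working out who else contacted the phishing site, so the incident team can prioritise password resets and check those endpoints. The following is an added example, not code from the original article or from Bob's Business: it takes the URL from a reported phishing email and searches web proxy log lines for every user who reached the same host. The log format, usernames and hostnames are constructed for the example, and the assumption that a POST request indicates a submitted credential form is a simple heuristic, not a standard.

```python
"""Added example (not from the original article): given the URL in a reported
phishing email, find every user in the proxy log who contacted the same host.
Log format, users and hostnames below are constructed for illustration."""
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample proxy log lines: "<timestamp> <user> <method> <url> <status>"
SAMPLE_PROXY_LOG = """\
2024-05-02T09:14:03Z alice GET http://login-portal.example-phish.test/auth?id=17 200
2024-05-02T09:15:41Z bob GET https://intranet.example.test/news 200
2024-05-02T09:20:12Z carol GET http://login-portal.example-phish.test/auth?id=22 200
2024-05-02T09:21:55Z alice POST http://login-portal.example-phish.test/submit 302
2024-05-02T09:30:07Z dave GET https://login-portal.example-phish.test/ 200
"""


def phishing_host(url):
    """Return the lower-cased host of a URL (empty string if it has none).

    Matching on host rather than full URL catches variations in path,
    query string and scheme that the same phishing kit typically uses."""
    return (urlsplit(url).hostname or "").lower()


def parse_line(line):
    """Split one constructed proxy log line into its fields."""
    ts, user, method, url, status = line.split()
    return {"ts": ts, "user": user, "method": method, "url": url, "status": int(status)}


def who_contacted(log_text, reported_url):
    """Map each user to the list of their requests to the reported host."""
    target = phishing_host(reported_url)
    hits = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if phishing_host(rec["url"]) == target:
            hits[rec["user"]].append(rec)
    return dict(hits)


def triage_summary(log_text, reported_url):
    """Per-user summary for the incident team: first contact time, request
    count, and whether a form was submitted (heuristic: any POST request),
    which is a reason to reset that user's credentials first."""
    summary = {}
    for user, recs in who_contacted(log_text, reported_url).items():
        summary[user] = {
            "first_seen": min(r["ts"] for r in recs),
            "requests": len(recs),
            "submitted_form": any(r["method"] == "POST" for r in recs),
        }
    return summary


if __name__ == "__main__":
    reported = "http://login-portal.example-phish.test/auth?id=17"
    for user, info in sorted(triage_summary(SAMPLE_PROXY_LOG, reported).items()):
        print(user, info)
```

Run against real proxy or secure web gateway logs, the same approach gives the investigation team a list of affected users within minutes of the first report, and the `submitted_form` flag helps decide whose passwords must be changed immediately.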
4) Inform the regulators and law enforcement
Organisations must comply with the rules of their regulatory authorities, such as reporting a phishing incident within a specific amount of time. It may also be necessary to inform the police so that criminal investigations can be completed.
5) Improve security and raise awareness
Mistakes can be incredibly valuable.
Once the phishing attack investigation has taken place, your organisation should use the information to make its security structure more robust. It can also arrange more comprehensive cyber security training that will help to prevent employees from responding to a phishing email in future.
Bob’s Business offers a range of online training solutions with industry-leading techniques and methodologies to raise cyber security awareness.
Find out more about how we can help protect your business from phishing scams.