Most users are not compromised through an advanced hack targeting their company’s networks or computers. Instead, social engineering threats like phishing scams are the most prevalent for harvesting user credentials or other information. Often these general emails are unsuccessful, but emails that are specifically crafted to target an organization or users of a specific service (like eBay, Facebook, Google, Amazon, etc.) can be quite effective.
User training on spotting phishing emails can help, but these emails can look innocuous to even seasoned veterans at first glance if the scam is crafted well enough. While people are often more concerned with which antivirus products are the best on the market, phishing scams are still making off with their account information. It doesn’t matter how up to date your computer is, what kind of antivirus product you have, or that you have a dedicated security team at your organization if you willingly hand over your credentials to attackers. How can you help secure yourself? By ensuring your authentication methods are secure and that you understand what phishing attacks look like..