Report highlights generational differences in workplace violence prevention training and reporting
Workplace safety
Compliance training is taking on new relevance as organizations and their employees adapt to evolving changes caused by COVID-19. Unfortunately, criminals are exploiting the pandemic with sophisticated phishing scams that attempt to trick people into divulging personal and business data, sending in money or downloading malware attachments. Training employees on information security and how to keep confidential data out of the hands of cyber criminals has never been more important.
Phishing is a form of social engineering — the concept of exploiting human psychology to manipulate people into sharing personal or other confidential information via emails, texts, phone calls and social media. For example, criminals impersonating tech support staff trick employees into providing their passwords. Spear phishing is a form of phishing where fraudulent emails are sent to targeted individuals or organizations in an effort to access specific confidential data.
The Federal Trade Commission (FTC) says phishing emails and text messages often tell a story to deceive people into clicking on a link or opening an attachment by:
As part of an organization’s ongoing cyber security training and communication, these 10 tips can help raise awareness of phishing attacks, change employee behavior and keep information security top of mind:
It really comes down to being cautious and careful. Careful before opening an email from an unfamiliar sender, and extra careful before clicking a link or opening an attachment. And when in doubt, promptly contact a supervisor or IT.
Especially during these unsettling times, cyber criminals are unleashing creative ways to get people to divulge information and compromise systems. Focusing on the human element of cyber security is as essential as keeping anti-virus software and security settings up to date. Whether working from home or onsite, employees can benefit from regular training on how to protect confidential and sensitive data and how to recognize and report phishing emails and other scams.