What is Phishing?

Phishing is the preferred tool of cybercriminals, accounting for 93 percent of all breaches, which are conducted predominantly over email (2018 Verizon Data Breach Investigations Report). In a phishing attack, someone masquerades as a trustworthy source in an attempt to bait a user to surrender sensitive information, such as a username, password, or credit card number. Another way to look at phishing is as a door where a hacker picks the lock and a phisher convinces the user to let them in.

The three most common types of phishing attacks on small businesses are:

  • Deceptive phishing. A user receives an email that claims to come from a recognized source and asks a user to reenter sensitive information or make a payment.
  • Spear phishing. A user receives an email that looks legitimate and may have information such as a name, position, company, or work phone number to trick them into believing the sender is authentic.
  • Pharming. Criminals send users to a fraudulent website that looks legitimate. Unlike a typical phishing attack, victims don’t have to click a link. Instead, hackers use a computer to redirect the user to a fake URL.

Next week, we will discuss another top cybersecurity threat for self-storage operations: ransomware.

Download MiniCo's white paper Cybersecurity and Privacy Risks: Information for Self-Storage Businesses.

For more tips, sign up for the quarterly e-Risk Management newsletter. It's free!

Make it a safe day!

Mike Schofield
President & CEO