HR Policies & Procedures, Training

If It Seems Phishy, It Probably Is

Yesterday we looked at some great reasons you should protect yourself from hackers from every angle. Today we’ll look at attacks like phishing.

By Sam Karson

Protecting Your Company from Phishing Attempts

The most effective way to protect your business from phishing is to make employees aware that phishing attempts are real and often involve fraudsters impersonating company employees. Ensure that employees are trained to detect phishing attempts. Most important, if an employee receives a request for personal information, he or she should call the person asking for the information to confirm the request. Also, employees should watch out for anything that doesn’t look quite right, such as irregularities in e-mail addresses, strange wording, or requests that are seemingly out of the blue. You may want to adopt policies requiring that all personal information be shared using encrypted methods, such as ShareFile, SecureZIP, or TrueCrypt. Many strategies for guarding the front door involve commonsense operational security.

Bottom Line

Cyberattacks, including phishing attempts, will become more prevalent and more sophisticated as employers continue to store more personal information on their computers. However, HR professionals can decrease the risk of exposing employees’ personal information to fraudsters by staying up to date on the latest threats, training employees regularly, and implementing commonsense operational security policies.

Sam Karson was a paralegal with Brann & Isaacson (http://www.brannlaw.com) in Lewiston, Maine, and a contributor to the Maine Employment Law Letter (http://store.hrhero.com/meemp). He is currently studying for his JD at Duke University.