Heaptalk, Jakarta — Employee emails have become prime targets for phishing attacks. According to technology observer Sri Haryanti, who was contacted via phone on Tuesday (09/10), phishing attacks are one of the most effective tactics for deceiving company employees into revealing sensitive information, such as login credentials or financial data, by impersonating legitimate sources.
“Based on the 2023 The State of Email Security report from Mimecast, 83% of Chief Information Security Officers (CISOs) surveyed indicated that cybercriminals often target emails as the primary source of cyberattacks. Although phishing attacks can come in various forms, email attacks are more frequently targeted due to the vast amount of valuable information stored within them,” explained Sri Haryanti.
These cases show that the threat of cyberattacks is growing; therefore, a company’s cybersecurity defenses need to be strengthened. Kaspersky, a cybersecurity company, has revealed steps on how phishing attack schemes targeting employee emails typically unfold.
- Cybercriminals’ motivation
Phishing attacks usually originate from individuals seeking financial gain by illegally obtaining sensitive information such as credit card details or login credentials, which can be sold or used for fraudulent transactions.
- Attackers’ initial approach
Phishing attacks always start with fake emails designed to entice the recipient to take immediate action. These emails often mimic legitimate communications from trusted sources, such as colleagues, business partners, or prominent organizations.
Therefore, strong cybersecurity measures and continuous employee education are needed to protect against phishing attacks targeting corporate email systems. Effective mitigation strategies may include employee training, multi-factor authentication, incident response planning, and implementing advanced email filtering and security technologies.
