Phishing attacks can do more than just put your business data at risk, they could have serious mental health consequences for any team member who becomes the unwitting victim.
This is the warning issued by Chief Marketing Officer for Core to Cloud, Kelly Allen, who has warned companies to prepare for the health and wellbeing impact on an employee if they become a cybercrime victim, and not just be concerned with what happens to personal data or the bottom line.
Writing for Techradar, Allen cited a Sage Open report from 2021 which suggested that hack victims may “experience many of the same psychological impacts as those experienced in traditional crime.”
Similar feelings of fear, anxiety, vulnerability, helplessness and violation were seen across both groups. Furthermore, those who fell for a hack also reported high levels of guilt for letting down their employer – often as a direct result of the negative response they had from the company.
All this would not only put a real burden on the victim but could also result in long periods of lost productivity if they end up taking sick leave.
The response is always education, and one that Allen firmly supports. All the cybersecurity measures in the world can only protect a business so much, the rest comes down to the decisions made by its workforce.
Educating employees not just on the dangers of cybercrime but how to spot likely attacks could make the difference between being a victim and not. Government figures say nearly four in five UK businesses were targets of a phishing attempt last year alone. Combine that with the KnowBe4 benchmarking report that said one in three people not trained on cybersecurity would fall for a phishing scam, and you see the extent of the problem.
“With phishing emails sent out on mass, cybercriminals are relying on employees either lacking in cyber awareness or being too busy to spot the small discrepancies in the messages that highlight that it’s a trick,” Allen wrote.
“Organizations can and should be taking time to make sure staff members can recognize risk and the best way is through cybersecurity awareness training.”