A Real-World Lesson in Cybersecurity
At Capella Computer Solutions, a new employee started on a Tuesday. By Friday, just three days later, they received a phishing email pretending to be from the CEO. It’s a scenario that’s becoming increasingly common, and it raises an important question: How can cybercriminals target someone so quickly?
Let’s explore how this can happen and what steps you can take to protect yourself and your business.
How Did the Phishing Email Arrive So Quickly?
There are several reasons this can occur:
1. Publicly Available Information
Cybercriminals often gather data from:
- Company websites (staff directories, press releases)
- LinkedIn (new job announcements)
- Social media posts (welcoming new team members)
If your organisation announces new hires or updates its website regularly, attackers can quickly identify new targets.
2. Predictable Email Formats
Most companies use standardised email formats (e.g., firstname.lastname@company.co.uk). Once attackers know your domain and naming convention, they can easily guess new email addresses.
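To show how little an attacker needs, here is an added example (not code from the original post) that infers a company’s naming convention from a few known addresses and derives the address of a new hire. The names, addresses and the domain example.com are constructed for this illustration.

```python
"""Infer an organisation's e-mail naming convention from known addresses and
derive a new hire's address.  Added example; all names and addresses below
are constructed, and example.com stands in for a real company domain."""
import re

# Candidate conventions: format strings applied to the lower-cased first and
# last name.  "{first[0]}" takes the initial.
CONVENTIONS = {
    "first.last": "{first}.{last}",
    "firstlast": "{first}{last}",
    "flast": "{first[0]}{last}",
    "first_last": "{first}_{last}",
    "last.first": "{last}.{first}",
    "first": "{first}",
}


def _normalise(name: str) -> str:
    """Lower-case and drop anything that is not a letter (spaces, hyphens, apostrophes)."""
    return re.sub(r"[^a-z]", "", name.lower())


def local_part(convention: str, first: str, last: str) -> str:
    """Build the part before the @ for a given convention."""
    return CONVENTIONS[convention].format(first=_normalise(first), last=_normalise(last))


def infer_convention(known):
    """known: list of (first, last, email).  Return the first convention that
    reproduces every known address, or None if none fits."""
    for name in CONVENTIONS:
        if all(local_part(name, f, l) == email.split("@")[0].lower()
               for f, l, email in known):
            return name
    return None


def guess_address(known, first: str, last: str):
    """Derive the likely address of a person not in the known set."""
    convention = infer_convention(known)
    if convention is None or not known:
        return None
    domain = known[0][2].split("@", 1)[1].lower()
    return f"{local_part(convention, first, last)}@{domain}"


# Constructed sample: two addresses scraped from a public staff page.
KNOWN_STAFF = [
    ("Alice", "Ashworth", "alice.ashworth@example.com"),
    ("Priya", "O'Neil", "priya.oneil@example.com"),
]

# Constructed sample where the organisation uses initial + surname instead.
KNOWN_STAFF_FLAST = [
    ("Alice", "Ashworth", "aashworth@example.com"),
]

if __name__ == "__main__":
    # A LinkedIn post "welcome Bob Newstarter" is enough to produce a target address.
    print(infer_convention(KNOWN_STAFF), guess_address(KNOWN_STAFF, "Bob", "Newstarter"))
    print(infer_convention(KNOWN_STAFF_FLAST), guess_address(KNOWN_STAFF_FLAST, "Bob", "Newstarter"))
```

Two public addresses are enough to fix the convention; the new starter’s name from a welcome post then yields a working address before they have even finished induction.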
3. CEO Impersonation (Business Email Compromise)
This is a classic tactic. Attackers pose as a senior executive, often the CEO, and send urgent requests to new employees who may not yet be familiar with internal processes or recognise suspicious behaviour. The message rarely comes from the executive’s real mailbox: it typically uses a spoofed display name over a free webmail address, or a lookalike domain that differs from yours by a single character, which is easy to miss on a phone screen.
How to Protect Your Organisation and Staff
1. Provide Cyber Awareness Training from Day One
- Include phishing awareness in your onboarding process.
- Teach staff how to identify suspicious emails (e.g., urgent tone, unusual requests, spelling errors).
- Encourage them to verify any unusual requests through a separate communication channel (e.g., a phone call or Teams message), using a number or contact taken from the internal directory rather than from the suspicious email itself.
2. Implement Robust Email Security
- Use spam filters and phishing detection tools.
- Set up SPF, DKIM, and DMARC, and move DMARC to an enforcing policy (p=quarantine or p=reject); a monitoring-only policy (p=none) lets spoofed mail through. Note that these records only stop attackers spoofing your own domain; they do nothing against lookalike domains or a CEO’s name over a free webmail address, which is why the training and banners above still matter.
- Add banners to flag external emails (e.g., “This email originated outside the organisation”).
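As an added example (not from the original post), the following small offline checker parses SPF and DMARC TXT records and flags the settings that leave a domain spoofable. The record strings are constructed; in practice you would fetch your own with a DNS lookup (for example `dig TXT example.com` and `dig TXT _dmarc.example.com`). DKIM is not checked here because validating it requires fetching the selector record and verifying a signed message.

```python
"""Offline SPF/DMARC record checker.  Added example; the record strings at
the bottom are constructed to show a weak configuration beside a fixed one."""

# Mechanisms that cost a DNS lookup under RFC 7208 (limit: 10 per evaluation).
SPF_LOOKUP_MECHANISMS = {"include", "a", "mx", "ptr", "exists", "redirect"}


def parse_spf(record: str):
    """Return the SPF terms after v=spf1, or None if this is not an SPF record."""
    parts = record.split()
    if not parts or parts[0].lower() != "v=spf1":
        return None
    return parts[1:]


def parse_dmarc(record: str):
    """Return DMARC tags as a dict, or None if this is not a DMARC record."""
    tags = {}
    for item in (p.strip() for p in record.split(";") if p.strip()):
        if "=" not in item:
            return None
        key, value = item.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    return tags if tags.get("v", "").upper() == "DMARC1" else None


def check_spf(record: str):
    """Return a list of findings (empty list means no problem found)."""
    terms = parse_spf(record)
    if terms is None:
        return ["SPF: no valid v=spf1 record"]
    findings = []
    all_terms = [t for t in terms if t.lstrip("+-~?").lower() == "all"]
    if not all_terms:
        findings.append("SPF: no 'all' term, so unlisted senders are treated as neutral")
    else:
        qualifier = all_terms[-1][0] if all_terms[-1][0] in "+-~?" else "+"
        if qualifier == "+":
            findings.append("SPF: '+all' authorises every sender; use '-all' or '~all'")
        elif qualifier == "?":
            findings.append("SPF: '?all' is neutral; use '-all' or '~all'")
    # Top-level count only; included records add their own lookups in practice.
    lookups = sum(1 for t in terms
                  if t.lstrip("+-~?").lower().split(":")[0].split("=")[0]
                  in SPF_LOOKUP_MECHANISMS)
    if lookups > 10:
        findings.append(f"SPF: {lookups} lookup mechanisms exceed the limit of 10 (permerror)")
    return findings


def check_dmarc(record: str):
    """Return a list of findings (empty list means no problem found)."""
    tags = parse_dmarc(record)
    if tags is None:
        return ["DMARC: no valid v=DMARC1 record"]
    findings = []
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        findings.append("DMARC: missing or invalid 'p' tag")
    elif policy == "none":
        findings.append("DMARC: p=none only monitors; spoofed mail is still delivered")
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"DMARC: pct={pct} applies the policy to only {pct}% of mail")
    if "rua" not in tags:
        findings.append("DMARC: no 'rua' address, so you receive no aggregate reports")
    return findings


# Constructed records: a weak setup beside the corrected one.
WEAK_SPF = "v=spf1 include:_spf.example.net +all"
WEAK_DMARC = "v=DMARC1; p=none"
FIXED_SPF = "v=spf1 include:_spf.example.net -all"
FIXED_DMARC = "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; pct=100"

if __name__ == "__main__":
    for label, spf, dmarc in (("weak", WEAK_SPF, WEAK_DMARC), ("fixed", FIXED_SPF, FIXED_DMARC)):
        print(label, check_spf(spf) + check_dmarc(dmarc) or ["OK"])
```

Run it against your own records after any DNS change; a `+all` or `p=none` that slipped in during migration is a common reason a domain is still spoofable despite “having DMARC”.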
3. Foster a Culture of Caution
- Make it acceptable, and encouraged, for employees to ask, “Is this legitimate?”
- Reward staff for reporting suspicious messages, even if they turn out to be false alarms.
4. Monitor and Respond Proactively
- Set up alerts for unusual sign-ins (new countries, impossible travel, repeated failures) and for new or changed inbox rules, especially ones that forward or redirect mail outside the organisation or delete messages, since attackers use these to hide their activity in a compromised mailbox.
- Have a clear incident response plan in place in case someone clicks on a malicious link.
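As an added example (not from the original post), here is detection logic for suspicious inbox-rule changes, run over a few constructed audit records. The records follow the general shape of Microsoft 365 unified audit log entries (`Operation`, `UserId`, `ClientIP`, and `Parameters` as Name/Value pairs); the exact value formats, the addresses and the rule names are assumptions made for this illustration.

```python
"""Flag inbox rules that forward mail externally or hide it.  Added example;
the log lines below are constructed, loosely modelled on Microsoft 365 audit
records, with example.com as the internal domain."""
import json

RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}
# Parameters that send copies of mail somewhere else.
FORWARDING_PARAMS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo"}


def rule_params(record: dict) -> dict:
    """Collapse the Name/Value list into a plain dict."""
    return {p["Name"]: p["Value"] for p in record.get("Parameters", [])}


def is_external(address: str, internal_domain: str) -> bool:
    return "@" in address and address.rsplit("@", 1)[1].lower() != internal_domain.lower()


def analyse_record(record: dict, internal_domain: str):
    """Return the reasons a rule change looks suspicious (empty if benign)."""
    if record.get("Operation") not in RULE_OPERATIONS:
        return []
    params = rule_params(record)
    reasons = []
    for name in sorted(FORWARDING_PARAMS & params.keys()):
        # Assumption: multiple recipients are semicolon-separated.
        targets = [t.strip() for t in str(params[name]).split(";") if t.strip()]
        external = [t for t in targets if is_external(t, internal_domain)]
        if external:
            reasons.append(f"{name} sends mail to external address {', '.join(external)}")
    if str(params.get("DeleteMessage", "")).lower() == "true":
        reasons.append("DeleteMessage hides matched mail from the user")
    # Attackers often give rules throwaway names such as "." so they are easy to overlook.
    if len(str(params.get("Name", "")).strip(". ")) == 0:
        reasons.append("rule name is empty or punctuation only")
    return reasons


def find_suspicious_rules(log_lines, internal_domain: str):
    """Parse JSON log lines and return one alert per suspicious rule change."""
    alerts = []
    for line in log_lines:
        record = json.loads(line)
        reasons = analyse_record(record, internal_domain)
        if reasons:
            alerts.append({
                "time": record.get("CreationTime"),
                "user": record.get("UserId"),
                "ip": record.get("ClientIP"),
                "rule": rule_params(record).get("Name"),
                "reasons": reasons,
            })
    return alerts


# Constructed sample: a sign-in, a benign housekeeping rule, and a rule typical
# of a compromised mailbox (external forward plus delete, named ".").
SAMPLE_LOG = [
    json.dumps({"CreationTime": "2024-05-10T08:01:12", "Operation": "UserLoggedIn",
                "UserId": "newstarter@example.com", "ClientIP": "203.0.113.10"}),
    json.dumps({"CreationTime": "2024-05-10T08:15:40", "Operation": "New-InboxRule",
                "UserId": "alice.ashworth@example.com", "ClientIP": "198.51.100.7",
                "Parameters": [{"Name": "Name", "Value": "Newsletters"},
                               {"Name": "MoveToFolder", "Value": "Reading"},
                               {"Name": "ForwardTo", "Value": "team@example.com"}]}),
    json.dumps({"CreationTime": "2024-05-10T23:42:05", "Operation": "New-InboxRule",
                "UserId": "newstarter@example.com", "ClientIP": "203.0.113.10",
                "Parameters": [{"Name": "Name", "Value": "."},
                               {"Name": "ForwardTo", "Value": "inbox@example.net"},
                               {"Name": "DeleteMessage", "Value": "True"}]}),
]

if __name__ == "__main__":
    for alert in find_suspicious_rules(SAMPLE_LOG, "example.com"):
        print(alert)
```

In production this logic would sit in your SIEM or a scheduled job over the audit log, and a hit should trigger the incident response plan: reset the password, revoke sessions, remove the rule, and review what mail was forwarded.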
How to Report a Phishing Attempt
Encourage your team to follow these steps if they suspect a phishing email:
- Do not click on any links or download attachments.
- Do not reply to the sender.
- Report the email using your organisation’s reporting tool (e.g., “Report Phishing” button in Outlook).
- Forward the email to your IT or security team (e.g., phishing@yourcompany.co.uk), ideally as an attachment rather than inline so the original headers are preserved for analysis.
- Delete the email once it has been reported.
Make sure this process is clearly communicated and easy to follow.
Final Thoughts
The speed at which phishing attacks can occur is alarming, but not surprising. Cybercriminals are opportunistic and move quickly. The good news? With the right combination of awareness, tools, and culture, you can stay ahead of the threat.
At Capella Computer Solutions, this incident served as a timely reminder: Cybersecurity isn’t just an IT issue, it’s a people issue too. And it starts from day one.