Saudi Arabia’s economic strength and political stance make it a prime cyber crime target. Viruses, malware and other scams pose a threat to national security, with the potential to disrupt servers and close down vital services.
Although the nation’s cyber security is improving, criminal hackers are continually developing more sophisticated techniques and always seem to be several steps ahead. One of the most popular scams is phishing.
What is phishing?
Phishing is online fraud that uses deceptive emails and websites to trick people into giving away personal information, such as bank details, clicking malicious links or opening attachments that contain malware. Once the cyber criminals have the information they need, they are able to steal identities or take money from bank accounts.
The emails can be very persuasive, often adding a sense of urgency to make the victim feel like they need to act quickly. This increases the risk of people sharing personal information without thinking about the consequences, only realising that they’ve been scammed when it’s too late.
However, there are several ways to identify a phishing email. Often, the offer is too good to be true or the information the scammer gives them seems suspicious. The emails also tend to be badly written and come from an unrecognised address.
There have been more than 26 million phishing emails in Saudi Arabia in recent years, according to the National Cyber Security Centre (NCSC) at the Ministry of the Interior.
In big organisations, IT departments are running tests to check if employees open phishing emails. Although these are just tests and the links aren’t hazardous, it shows there’s a real need to improve employee awareness and make sure they know what to do if they receive a bogus email.
Reduce your security risk exposure
Information security should be a key concern for you and your business, and it is important that staff are aware of the cyber security risks your organisation faces. This can be achieved through a phishing and ransomware e-learning course, which will educate employees on the daily cyber risks they face and suggest actions and procedures to mitigate such risks.