The BBC published an article on Tuesday about the aftermath of a successful Phishing attack where the user had granted the malware access by logging into a fake login. The article then details the process inside the company of handling a breach and the procedure they need to follow. However, this team clearly aren’t as prepared as they should be.
At TecSec, we believe in being pro-active which is why we advise you to read our article on “How a Phishing attack progresses” and the red flags to help you identify the phishing email for what it is, a scam.
Under GDPR a phishing attack now must be reported to the ICO as a breach, if the user clicks the link or downloads a file. Depending on the technical and business measures in place, the business is at risk of being fined.