In the olden days, phishing emails were pretty obvious to spot for almost everybody. However, on the odd occasion, employees would get that dreaded feeling in the pit of their stomach when they realise that they may not have spotted an obvious link. It happens more than may think for employees who haven’t had training,
When weary workers are sifting through mountains of emails in the early morning, they may stumble across a request for files or click a link from a sender they recognise. However, the issue is that the sender’s name is the only bit of data that they should recognise. If they weren’t tired or had received security training, they may have looked a little closer at the email address and domain. For example, ‘John Smith’ may be your boss’s name, but the email address is spam and comes from a Gmail account rather than their business email.
It could be too late when they realise, and that dreaded feeling appears in their stomach. If they have their time again, the individual will look for signs that this may not be a legitimate request. But what happens now? Once the link has been clicked, the device could become unresponsive. There is nothing you can do. Your files look to have disappeared, and the sensitive and confidential data held on the computer (on desktop or drive) can no longer be found.