Phishing, fraud, and threat reduction: advice from Alex Rosier

Sarah Brown by Sarah Brown on

The third webinar in our Essentials of Business Security series is now available! In this video, Matt talks with Alex Rosier from ProtonMail about phishing, fraud, and how you can reduce the threats to your business.


ProtonMail is five years old, and Alex has been involved since the early days. He started out doing anything and everything that was needed but now focuses on working with businesses of all sizes.

To help keep your business safe from phishing attacks, we’ve put together five key points from their chat.

Your email is at risk

Despite the rise in popularity of Slack and other messages programs, email remains the largest communication model for businesses. The data you send over email is more vulnerable than you may think. Even internal emails can be intercepted and exposed if the right malware has been put into place.

Even internal emails can be intercepted and exposed if the right malware has been put into place, but if you and the recipient of your email use an encrypted email server like ProtonMail, it makes it more difficult for third parties to read or tamper with your messages and the information they contain.

Information is more public than you realize

Nothing is as secret or as private as you’d like to believe. Everything from your phone number to your social security number may be available to anyone who knows where to look. If a cybercriminal already has the right kind of information about you, it can be easy for them to convince you to hand over even more without realizing what you’re doing.

Anything you share online can potentially be used against you in an attempt to steal your information, so even if you’re job hunting and expecting an email from a recruiter, think twice before you send sensitive or confidential data over.

Phishing over email

It’s possible to get almost any information you need by asking the right person the right questions or getting the right person to click the wrong link. Often, a target may be phished for details regarding a password or login information for a simple, non-critical system. However, if that target re-used their password on more critical systems, their access has now been compromised and data can be accessed by the wrong people.

Phishing emails usually appear to come from trusted sources, making them blend in with your inbox. Luckily there are some easy ways to recognize a phishing email to help you notice and take action when something is off.

Test your security

Pen testing within your organization can help you to locate your unique vulnerabilities. Finding these holes and sealing them up before the bad guys can exploit them will ensure that your data stays safe and secure.

If your IT department needs assistance putting together a pen test, there are companies that can help. Kevin Mitnick’s Global Ghost Team, Mitnick Security, provides one way to locate these holes.

Educate your team

Education is undeniably the best protection you have against phishing, which is why it’s been a common theme in our webinar series. Your employees may be well-intentioned, but everyone from the CEO down needs the right tools and information to protect themselves and your business.

Taking the time to educate your team on how to spot phishing attempts is a necessary investment.

What’s up next

If you enjoyed this chat with Alex, sign up to find out about our upcoming webinars. They’re the best way to learn what’s possible with 1Password.

Content Pirate

Sarah Brown - Content Pirate Sarah Brown - Content Pirate

Tweet about this post

Continue Reading