Approach with caution, Cy-Rex present

Meet Cy-Rex, the International Cyber Exhibition Dinosaur who is cute and fluffy, right? Although he appears innocent, genuine and an ideal friend for a small child, he is actually the physical product covering up a cybercriminal in hiding.

It might seem hard to believe, so let us tell you a little bit more about Cy-Rex. Cy-Rex’s innocent and genuine persona lures you in, so you think he’s not capable of causing significant damage to your business. However, this is all an act as he is ready to make his real personality shine through and be the true dinosaur he really is.


This is a similar approach that cybercriminals take when they instigate a phishing attack, (where attacks attempt to trick users into doing ‘the wrong thing’ such as clicking a bad link).


The link and accompanying instruction may seem genuine but once you have taken the required action, the outcome will not be a positive one. Usually, clicking the link will lead to a ransomware infection, preventing you from accessing your computer (and the data that is stored on it.


The Cyber Security Breaches Survey for 2021 revealed that in the last 12 months, 39% of businesses and 26% of charities have reported a cyber security breach or attack. Among those that have identified breaches or attacks, around a quarter (27% of these businesses and 23% of these charities) experience them at least once a week.


The most common by far are phishing attacks with 83% hitting businesses and 79% hitting charities.


The survey also revealed that one of the respondents had carried out a mock phishing exercise as part of their risk assessment – they found that 15% of staff responded to the mock phishing email.


So, the lesson here is that whilst what you see on the outside seems genuine, you always need to proceed with caution, or you may be a victim of Cy-Rex’s cousin, Cy-Phish who is a silent assassin with sharp teeth and a sting in his fin that may leave you in a spot of bother.


To help you, we can help educate your employees with our Security Awareness Training. The training is delivered by our experts and is focused towards those with little or no cyber security or technical knowledge. The sessions are made up of small and succinct modules using real-world examples.


The training sessions help staff understand their working environment, giving them the confidence to speak up when something doesn’t look right.


The training is tailored to each individual audience to provide the right level of skills and context for your business. The trainers are highly knowledgeable, personable, and friendly and pride themselves on providing the right environment for your people to feel comfortable and to ask questions.


Find out more on our website.

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the West Midlands is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the West Midlands provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the West Midlands does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the West Midlands is not responsible for the content of external internet sites that link to this site or which are linked from it.