Here's another thing to add to your Incident Response plan: phishing response.
No matter what type of cyber attack or breach lands your company in the headlines, phishing of your customers, vendors, or clients is likely to result.
Cathay Pacific Airlines just had to issue a warning about phishing attempts against customers—a few days after the airline announced unauthorized access to customer data. Click the message to expand it:
How to tell if a Cathay Pacific email is fake
The cyber incident phishing warning spells out exactly which email address is legitimate if Cathay Pacific is notifying you that your information was compromised. That email is infosecurity@cathaypacific.com.
Even a one letter change or a number added to this "from" address could be a phishing email, the kind that just tricked Washington D.C.'s local government into sending hackers almost $700,000.
And the notice offers a warning for customers:
"With regard to this data security event, we will never request your personal or financial information, and we will never ask for your password. If you are concerned about an email, we recommend that you don’t click on any links, open any attachments or reply to it."
Now we can add a "phishing message warning" to our Incident Response plans. One that also lets customers, vendors, or employees know how they can tell if an email from your organization is really from your organization.
