Hackers are becoming more and more sophisticated in their phishing email attempts to steal personal and company data.

The number of data breaches caused by phishing is increasing with hackers finding their way into a company’s network using phished information such as employees’ stolen credentials, according to a recent report from cybersecurity organization Crowdstrike. In fact, hackers are now studying company’s leaders’ and employees’ communications to impersonate company emails and trick employees into entering their usernames and passwords into fake login links. Or, employees are being tricked into transferring money to fake bank accounts or purchasing gift cards thinking they are doing so on the directive on their superiors.

Recently, a Texas school district lost $2.3 million to a phishing scam. A school employee sent money through three separate transactions to a fake bank account before the scam was uncovered.

How to Prevent Phishing Attacks

1. Train and Educate Employees

Providing employees with ongoing training on phishing attacks and cyber awareness is key to helping them recognize phishing emails and other suspicious activity.

2. Be Aware

Don’t open email attachments or click links from senders you don’t know. If you receive something from a trusted source that seems suspicious, double check with that person to make sure he or she sent the email or made the request.

3. Report Phishing Attempts

If you spot a phishing email, make sure the email is flagged and reported to the proper department so other employees can be warned.