In our latest in-depth exploration of cyber security, we’re focusing on the topic of phishing.
This includes an explanation of what phishing is, why it continues to pose a threat, and the actions you can take to address it.
Phishing represents a prevalent and highly effective form of cyber-attack, with 91% of cyber-attacks commencing through email, even if other methods are ultimately employed for breaching security.
Disturbingly, one out of every five phishing attempts succeeds, and with the advent of AI technology the average success rate is likely to increase.
If a single employee falls victim to such an attack, it can have catastrophic consequences for your business.
While you may have some familiarity with phishing, it’s possible that you lack comprehensive information on the subject.
Fortunately, we have all the details you need right here.
What is phishing exactly?
- Phishing attacks commonly arrive in the form of deceptive emails, designed to mimic a source that you trust. These attacks are named after the act of using bait to ensnare unsuspecting victims in a scam. Like other forms of social engineering, phishing exploits your trust in order to trick you into taking an action you wouldn’t normally take, such as divulging personal information or transferring money. Phishing attacks generally fall into two categories: Mass Phishing and Spear Phishing.
- Mass Phishing attacks involve the mass distribution of hundreds or thousands of emails with a shared theme, sent to various individuals or organizations. These emails tend to be generic and often pretend to be from widely-used companies. For example, you might receive an email claiming that your subscription to a service like Netflix has expired and prompting you to update your payment details. Clicking on the provided link would lead you to a fake page where you’re expected to input your information. While many people might ignore such emails, criminals are hoping to catch a few individuals in their trap.
- Spear Phishing is a highly targeted approach. Attackers personalize their emails and direct them at specific individuals, using data they have already obtained. This customization makes the deception far more convincing and improves the attacker's chance of gaining access. The access they gain may be used to steal information or money directly, or to launch further social engineering attacks. In either case, these targeted attacks can be more difficult to identify.
Why is it still crucial to be aware of phishing?
You might be under the impression that phishing is an outdated threat, given the advancements in technology.
After all, wouldn’t these “low-tech” methods be ineffective now?
However, it is precisely because of their low-tech nature that phishing attacks remain a popular choice for cyber criminals.
While it’s true that very few people would fall for poorly worded emails promising immense wealth from a foreign prince, modern phishing emails are far more convincing.
Moreover, there are more phishing emails circulating than ever before. In 2022 alone, spam emails accounted for over 47% of all email traffic, and that’s just the ones that were detected.
Phishing attacks today are effective because they exploit common everyday behaviours and users' complacency rather than relying on unbelievable promises. The messages they convey are more likely to involve scenarios such as “Your account has been suspended,” “A parcel has been delivered,” or “Your tax return has not been filed.” These emails often impersonate reputable brands and organizations, ranging from domestic services such as Royal Mail and DHL to well-known global brands such as Apple, Amazon, and Microsoft.
The perpetrators are counting on you to trust the appearance of these names and logos without questioning their legitimacy when they ask you to perform a seemingly believable action.
Unfortunately, whilst we can improve a business's software and technology defences, human error will always remain the weakest link.
What are the risks posed by phishing to your business?
- The potential gains for cyber criminals from phishing attacks are substantial, ensuring their persistence. However, what does this mean for an average business? Naturally, the most evident risk is financial loss. This can occur through divulging bank details, making unauthorized payments, or falling victim to ransomware, which may result in paying a ransom. We have addressed the topic of ransomware in one of our other posts.
- Another peril is the loss of data, which not only presents a nuisance and makes your organization vulnerable to future attacks but also exposes you to potential penalties under current data protection regulations.
- Additionally, a phishing attack can indirectly damage your business’s reputation. If someone within your organization is impersonated, and the criminal launches a spear phishing campaign against your suppliers or customers, the consequences can be detrimental to your image.
How can you recognize and prevent phishing attacks?
User vigilance is key to stopping a breach before it can start. Your team should pay attention to the following:
- The sender’s email address: Does it appear legitimate, or does it contain excessive words and punctuation marks?
- The email subject line: Does it exist, and does it make sense or reveal any suspicious elements?
- Other recipients: Legitimate marketing or communication emails from organizations typically do not reveal the names of other recipients; that information should be hidden. Therefore, if you can see a list of other recipients' addresses in the email's headers, exercise caution when dealing with the email.
- The design: How well-crafted is the email? Are there noticeable flaws that raise suspicion?
- Attachments: Preview and verify any attachments accompanying an email. If you don’t recognize the file type, it’s best to refrain from interacting with it.
- Context: Question whether you were expecting the email, and if not, evaluate whether the claims being made add up. Remember, for sensitive matters, you’re more likely to receive a physical letter rather than an email.
- Additionally, it’s essential to verify links before clicking on them, only proceeding if you’re certain they can be trusted. Your antivirus software should provide some protection against immediate threats.
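As an added illustration, not part of the original post, the following Python script applies four of the checks above (sender, subject line, visible recipients, and link destination) to a constructed sample message; the brand-to-domain map and the recipient threshold are assumptions chosen for the example.

```python
import email
import re
from email import policy
from email.utils import getaddresses, parseaddr
from urllib.parse import urlparse

# Constructed sample (not a real phishing email) that trips several checks.
SAMPLE_EML = """\
From: "Royal Mail Deliveries" <notice@royalmail-parcel-update.example>
To: alice@example.org
Cc: bob@example.org, carol@example.org, dave@example.org
Subject:
Content-Type: text/html; charset=utf-8

<p>Your parcel could not be delivered. Pay the redelivery fee here:</p>
<p><a href="http://198.51.100.7/pay">https://www.royalmail.com/redelivery</a></p>
"""

# Impersonated brands named above, mapped to the domain label each really
# sends from (assumed for this example).
BRANDS = {"royal mail": "royalmail", "dhl": "dhl", "amazon": "amazon"}
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def triage(raw):
    """Apply the checklist to one message; return a list of (check, detail)."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    # Sender: a brand in the display name should match the sending domain.
    name, addr = parseaddr(msg.get("From", ""))
    labels = addr.rpartition("@")[2].lower().split(".")
    registrable = labels[-2] if len(labels) >= 2 else ""
    for brand, label in BRANDS.items():
        if brand in name.lower() and registrable != label:
            findings.append(("sender", f"'{name}' sent from {addr}"))
    # Subject line: missing or empty.
    if not str(msg.get("Subject") or "").strip():
        findings.append(("subject", "missing or empty subject"))
    # Other recipients: an organisation's bulk mail should not expose them.
    visible = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if len(visible) >= 3:
        findings.append(("recipients", f"{len(visible)} addresses visible"))
    # Links: anchor text that shows one site while the href goes elsewhere.
    body = msg.get_body(preferencelist=("html", "plain"))
    for href, text in ANCHOR.findall(body.get_content() if body else ""):
        shown, real = urlparse(text.strip()).hostname, urlparse(href).hostname or ""
        if shown and shown.lower() != real.lower():
            findings.append(("link", f"text shows {shown} but goes to {real}"))
    return findings
```

Run `triage(SAMPLE_EML)` to see one finding per tripped check; a clean internal message returns an empty list.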
Won’t my spam filter prevent these emails from reaching me?
You might wonder whether you would ever receive such emails, considering that most email clients and cybersecurity software include built-in spam filters.
However, as we mentioned earlier, this is not always sufficient. In the case of a targeted attack launched from someone else’s compromised computer, the email may appear legitimate and come from a contact the recipient already knows. If it contains no links that could be perceived as malicious (for example, a link to an apparently legitimate website with a valid certificate), it can slip past the radar.
Therefore, it’s always wise to exercise caution and scrutinize anything that seems suspicious.
In conclusion, it’s crucial to remain vigilant. If you have any doubts about an email that appears to originate from within your organization, take the time to verify it with a real person. Whatever you do, refrain from replying and requesting proof, because in a targeted attack there is very likely someone on the other end who will strive to maintain the deception.
If you have any questions, or would like to speak to one of the team about user training or other technology solutions to mitigate the risk of a successful phishing campaign, please contact Swift today.