Phishing is the most common cybercrime tactic and takes place when a target or targets are contacted by email, phone or text message by someone posing as a legitimate institution to trick them into providing personal data, such as banking information and passwords.
3.4 billion phishing emails are sent every day and in 2023 alone, 33 million data records are expected to be compromised due to phishing attacks.
While most people might consider themselves savvy enough to avoid becoming a victim of phishing, this cybercrime is still growing at an alarming rate. In its 2022 State of Phishing Report, SlashNext reported that there were 255 million phishing attacks in 2022. This is an alarming 61 percent increase in the frequency of phishing attacks over 2021.
Some other alarming statistics:
Gmail blocks more than 100 million phishing emails a day
(Source: Google)
More than one-third of tech users fell victim to phishing Fell despite access to training geared towards identifying attacks
(Source: National Cybersecurity Alliance)
Even though more than half (58%) of tech users that had access to cybersecurity training or education cited that they were better at recognizing phishing messages and related attacks, 34% still fell victim to at least one type of cybercrime.
(Source: National Cybersecurity Alliance)
Top types of data that are compromised in a social engineering attack:
Credentials, such as usernames and passwords (63%).
Internal data, such as sales figures (32%).
Personal data, such as addresses and phone numbers (24%).\
(Source: Verizon)
You might consider yourself technologically savvy, but it’s worth brushing up on phishing tactics that could trick you into giving away personal information. Here are 5 common traits of phishing scams from Phishing.org.
Too Good To Be True – Lucrative offers and attention-grabbing statements are designed to attract people’s attention immediately and trick them into clicking on links. Many claim that you have won an iPhone, a lottery, or some other significant prize. Never click on suspicious emails. The old adage if it seems too good to be true, it probably is, applies to phishing scams.
Sense of Urgency – A favorite tactic amongst cybercriminals is to ask you to act fast because an incredible deal is available for a very limited time. It’s best to ignore and delete these types of emails. Sometimes, they will tell you that your account will be suspended unless you update your personal details immediately. Never trust these types of urgent requests as most reputable companies and organizations give ample time before they terminate an account. A legitimate company will also never ask you to update personal details over the Internet or via text. When in doubt, contact the organization directly, rather than click on a link in a sketchy email.
Hyperlinks – A malicious hyperlink can be disguised to look legitimate. If something sounds suspicious, hover over the link to view the actual URL where you will be directed. It could be completely different or it could be a popular website with an easy to overlook misspelling. This is a sure sign of a phishing scam.
Attachments – If you see an attachment in an email you weren’t expecting or that doesn’t make sense, don’t open it! They often contain payloads like ransomware or other viruses. The only file type that is always safe to click on is a .txt file.
Unusual Sender – If at first glance an email looks like it is from someone you don’t normally receive emails from or if anything seems out of the ordinary, unexpected, out of character or just suspicious in general don’t click on it!
As hybrid and remote workers continue to rely on digital forms of communication and messaging apps, phishing will continue to be a threat.
Looking for identity theft protection for your employees as the threat of cybercrime continues to rise? Enfortra offers solutions for various needs across industries, from credit monitoring to restoration and recovery.
