97% of people can't identify a phishing attack

  • 10 months ago
  • posted by: NSHOST

Unfortunately, phishing attacks are very common – in 2021, 83% of organizations experienced at least one phishing attack, and another 6 billion attacks are expected in 2022. Put differently, one out of every 99 emails is a phishing attack. Perhaps most worrying is the fact that 97% of people cannot identify such scams.

The most common channel for the fraudulent communication used in a phishing attack remains email, although other channels such as SMS text messages are becoming more common. Attackers use any means they can think of to get a user to follow a link to an illegitimate web page that looks legitimate, where sensitive data or credentials are harvested or malware is downloaded.

Phishing scams are often the "tip of the iceberg", the first stage of an attack to hit a target. The attack most often aims to steal login credentials or personally identifiable (or other sensitive) information, or to trick a user into clicking a link that deploys a malware payload on the victim's network. Once one or more users within an organization fall prey to a phishing campaign, attackers are able to launch their attack on a larger scale and even sell the information obtained on the dark web.

Types of Phishing Attacks

Phishing has become so profitable that methods of targeting different types of victims have evolved. Today there are at least four categories of phishing attacks, each with a specific type of victim.

In addition to what we might consider regular phishing, which targets ordinary computer and network users, there is spear phishing, whale phishing, and smishing.

Spear phishing. Unlike regular phishing scams, where hackers cast a wide net to attract the largest possible number of potential victims, spear attacks are more focused. In this type of attack, the members of a specific group, organization or community are targeted.

The success rate is much higher than that of regular phishing, but it requires more resources invested by the hackers to conduct research before the attack. The more they can learn about their target, the more likely they are to succeed.

When someone receives an email or text message from a name they recognize, and the sender appears to know details about the victim's company or personal life, they are more likely to trust the source of the email.

Whale phishing is similar to spear phishing, with a few notable differences: while spear phishing generally targets members of a group, whale phishing focuses on a specific individual - usually the "biggest phish" in the target organization, or an individual with significant resources or power that the attackers want to exploit.

Whale phishing also requires a tremendous amount of research before the attack. Attackers can spend months, if not years, learning about and grooming a "whale". Sometimes criminals even go after smaller marks first to gain additional information about their whale target.

Smishing involves a text message (SMS) rather than an email. Victims usually receive a deceptive text message designed to lure them into providing their personal or financial information. Hackers try to masquerade as a government agency, bank, or other company to legitimize their claims, typically going after personal information such as credentials, credit or debit card numbers and PINs, social security numbers, dates of birth, or other sensitive information. This information is then used to commit further crimes against the victim.

Signs of a phishing attack

The best protection is awareness and education. Do not open attachments or links in unsolicited emails, even if the emails are from a seemingly familiar source. We recommend extra caution in any of the following situations:

  • Links provided in emails do not point to the correct location, or point to a third-party site that is not affiliated with the sender of the email. It is very important to carefully analyze any link received by email before opening it.
  • There is a request for personal information such as social security numbers or banking or financial information. Official communications will generally not ask you for personal information in the form of an email.
  • Elements of the sender's email address are modified to look similar to a legitimate address, but there will usually be small differences from the address being imitated.
  • The message is unexpected and unsolicited. If you suddenly receive an email from an entity or person you rarely deal with, consider this email suspicious and investigate further before responding or providing any information.
  • The message or attachment may ask you to adjust your security settings or install applications. Normal emails will not ask you to do this.
  • The message contains errors. Legitimate corporate messages are less likely to have grammatical errors or contain wrong information.
  • The sender's address does not match the signature on the message itself: the domain in the email address does not exactly match the domain of the received link.
  • There are multiple recipients in the "To" field and they appear to be random addresses. Corporate messages are usually sent directly to individual recipients.
  • The greeting on the message itself is not addressed to you personally. Aside from messages that are wrongly addressed to another person, greetings that misuse your name or pull your name directly from your email address are malicious.
  • The page that opens is not a live page, but rather an image that is designed to look like the site you are familiar with. A pop-up may appear asking for credentials.
  • Email address domains like bankOf[..]@gmail.com are definitely a red flag. Official email addresses have (with few exceptions) the same domain as the official website.
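Several of the signs above can be checked mechanically before a user ever clicks. The following Python script is an added example (it is not code from the original post or from NSHOST) that applies three of them to a raw email message: a brand-like display name paired with a free webmail domain (the bankOf[..]@gmail.com pattern), a link whose visible text names one site while its href goes to another, and link domains that differ from the sender's domain. The sample message, the free-mail list and the brand-word list are constructed for the demonstration, and the registered-domain helper is a deliberate simplification that ignores multi-part public suffixes such as co.uk.

```python
"""Flag phishing indicators in an email, following the signs listed above.

Added example, not NSHOST code. The sample message and the word lists are
constructed for the demonstration.
"""
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Free webmail providers: an institution name in the display name combined
# with one of these domains is the "bankOf[..]@gmail.com" red flag.
FREE_MAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
# Words suggesting the sender poses as an institution (assumed demo list).
BRAND_WORDS = {"bank", "paypal", "support", "security", "helpdesk"}

# Constructed sample: brand name + gmail.com sender, and a link whose visible
# text shows the real bank's URL while the href points to a lookalike host.
SAMPLE_EMAIL = """\
From: "Example Bank Security" <security.examplebank@gmail.com>
To: victim@example.org
Subject: Verify your account
Content-Type: text/html

<html><body>
<p>Your account is locked. Please <a href="http://examp1e-bank.login-verify.net/x">
https://www.examplebank.com/login</a> to confirm your card number and PIN.</p>
</body></html>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Naive 'last two labels' approximation of the registrable domain.
    Simplification for the demo: treats co.uk-style suffixes as a domain."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def phishing_indicators(raw_message):
    """Return a list of human-readable red flags found in the message."""
    msg = message_from_string(raw_message)
    display_name, address = parseaddr(msg.get("From", ""))
    sender_domain = registered_domain(address.rpartition("@")[2])
    flags = []

    # Sign: institution name in the display name but a free webmail domain.
    if sender_domain in FREE_MAIL_DOMAINS and any(
            word in display_name.lower() for word in BRAND_WORDS):
        flags.append(f"display name '{display_name}' uses free-mail domain {sender_domain}")

    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8")
    extractor = LinkExtractor()
    extractor.feed(body)

    for href, text in extractor.links:
        href_host = urlparse(href).hostname or ""
        # Sign: visible link text looks like a URL but the href goes elsewhere.
        shown = re.match(r"https?://([^/\s]+)", text)
        if shown and registered_domain(shown.group(1)) != registered_domain(href_host):
            flags.append(f"link text shows {shown.group(1)} but href goes to {href_host}")
        # Sign: the link's domain does not match the sender's domain.
        if href_host and registered_domain(href_host) != sender_domain:
            flags.append(f"link domain {registered_domain(href_host)} "
                         f"differs from sender domain {sender_domain}")
    return flags


if __name__ == "__main__":
    for flag in phishing_indicators(SAMPLE_EMAIL):
        print("RED FLAG:", flag)
```

Run against the sample, the script reports all three flags; a message from a corporate domain whose links stay on that domain produces none. In practice the domain comparison would use a public-suffix list and an allow-list of the organisation's own domains, and the result would feed a mail gateway rule or a user-facing banner rather than a print statement.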

Spam filters are very important and deserve the full attention of each of us, but they only protect us from low-budget phishing attacks. More sophisticated attacks pass this barrier, so the chosen antivirus solution, ideally covering all devices and all accessed accounts, becomes very important. Backup and security are crucial to being able to restore vital information in a timely manner, before the impact of the attack grows.

We encourage you to invest in a secure and optimal hosting plan by choosing any of the NSHOST shared web, VPS or Cloud hosting packages, and to allocate the necessary time to a caching policy suited to your business to ensure record loading times for each web page.