Phishing is the fraudulent practice of sending fake emails that trick people into believing they are from a legitimate company or person of interest. Criminals use phishing to trick people into providing personal and sensitive information or to click on dangerous links and attachments in order to download malicious software onto their devices.
Phishing is one of the fastest growing crime industries to date with 85% of businesses reporting that they have been subject to a phishing attack in the past year with 96% of those reporting that phishing was their top cyber security concern.
92% of malware attacks are via malicious emails.
Phishing attempts have grown 65% in the last year
Almost 50% of phishing sites are using HTTPS encryption.
The different types of Phishing
Depending on how authentic the phishing attack looks, regular phishing emails have a lower success rate then the likes of spear-phishing and vishing. Criminals know this and send thousands of these emails around the world daily to increase their chances of tricking you. Phishing emails tend to be purporting large organisations like Apple, Amazon, Facebook and other businesses that millions of people use. Criminals who use this technique mainly focus on stealing personal information by tricking victims into entering names, addresses, credentials and bank information on fake websites.
This technique has the higher success rate but takes a bit of time and research for the criminal to get what they want. Spear-phishing is where a criminal targets an individual person or business by creating a fake email that relates to the target. Using social engineering and research they will pretend to be someone the individual knows like a manager, business partner or friend and make the email relevant. The end goal of spear-phishing varies. Criminals have the opportunity to ask their victims to do almost anything if they get it right. They could ask you to open a fake invoice which is riddled with malware, ask for your login details to “perform updates” or authorise a payment to a “clients” bank account.
How can Cyber Wise help you?
Cyber Wise Phishing Simulations are the best way to find out how prone your business is to a successful Phishing attack. Send fake phishing emails to your employees to test their abilities at spotting potentially dangerous emails, and to make sure they are always on the lookout.
We post the latest popular and successful Phishing emails to our Phishing Gallery to make sure you are prepared for when one pops into your inbox in. Our Phishing Gallery also highlights key parts to the emails, teaching you how to spot these persistent attacks in future.