Phishing is the fraudulent practice of sending fake emails that trick people into believing they are from a legitimate company or person of interest. Criminals use phishing to trick people into providing personal and sensitive information or to click on dangerous links and attachments in order to download malicious software onto their devices.
Phishing has become one of the fastest growing crime industries to date. Cyber security firms estimated that £4.6bn was stolen from British internet users in 2017 with that figure expected to be much more in the Annual Crime Report for 2018.
Phishing attack percentage increase since 2017
Percentage of businesses targeted by phishing attacks in 2018
Percentage of malware delivered by email in 2018
The different types of Phishing
Depending on how authentic the phishing attack looks, regular phishing emails have a lower success rate then the likes of spear-phishing and vishing. Criminals know this and send thousands of these emails around the world daily to increase their chances of tricking someone. Phishing emails tend to be purporting large organisations like Apple, Amazon, Facebook and other businesses that millions of people use. Criminals who use this technique mainly focus on stealing personal information by tricking their victims into entering names, addresses, credentials and bank information on fake websites.
This technique has the higher success rate but takes a bit of time and research for the criminal to get what they want. Spear-phishing is where a criminal targets an individual person or business by creating a fake email that relates most to them. Using social engineering and research they will pretend to be someone the individual knows like a manager, business partner or friend and make the email relevant. The end goal of spear-phishing varies. Criminals have the opportunity to ask their victims to do almost anything if they get it right. They could ask you to open a fake invoice which is riddled with malware, ask for your login details to “perform updates” or authorise a payment to a “clients” bank account.
How can Cyber Wise help you?
Cyber Wise Phishing Simulations are the best way to find out how prone your business is to a successful Phishing attack. Send fake phishing emails to your employees to test their abilities at spotting potentially dangerous emails, and to make sure they are always on the lookout.
Do you want to learn more on how to protect yourself from Phishing attacks? This page will teach you the fundamentals to spotting phishing emails and advise you on the helpful tools out there that can limit the amount of Phishing emails you receive in your inbox.
We post the latest popular and successful Phishing emails to our Phishing Gallery to make sure you are prepared for when one pops into your inbox in. Our Phishing Gallery also highlights key parts to the emails, teaching you how to spot these persistent attacks in future.