What is Phishing?
Phishing Explained
Evolution Of Phishing Attacks
Phishing is the fraudulent attempt to steal information by social engineering: the act of criminal deception
Phishing scams are commonplace today, but that wasn’t always the case. The earliest phishing cases transpired more than 20 years ago. In the beginning, fake emails were pretty easy to detect. Starting in the ‘90s, phishing attackers targeted the AOL users (History of AOL). As the use of the internet and email grew in popularity, the number of phishing scams increased. Phishing attacks progressed into sending automated campaigns to people to steal their credentials. As time went on, hackers started making the subject of their emails more engaging. Then, hackers starting sending emails from familiar contact names or companies.
Attackers send out fake messages with the hope at least some of the recipients will click on a malicious URL or email attachment
Phishers send out thousands of emails at a time. Some of the recipients fall for the fake message. In contrast, spear phishing emphasizes a high rate of return over a small set of victims. Going after information, spear phishers invest their time in researching their targets then use that information to customize their attack emails. If they can successfully phish someone with authority, they can gain access to valuable data.
Read more about modern phishing facts and information.
Data of companies and organizations is constantly being exploited by some sort of phishing attack
The versions of the emails are different, but basically the principal idea is to send a legitimate looking email to a recipient to invoke a particular action, like clicking a link or opening an attachment.
Phishing attacks are responsible for more than 90% of successful cyberattacks
To keep your company protected, your employees must be thoroughly trained in security awareness. Today’s hackers often use phishing techniques that threaten your company’s security. Simply training your staff to recognize a phishing email and deal with it appropriately can add an important layer of protection, possibly saving your business or organization thousands of dollars.
Here are tips to avoid phishing attacks:
- Don’t click everything temailed to you.
- Don’t ever open an attachment from someone you don’t know.
- If you receive an attachment from someone you know, but you aren’t expecting it, don’t open it. Verify with that person they intentionally sent it to you.
- If you don’t know the sender of a link sent to you, don’t open it.
- Hover over links in emails, checking the URL to verify authenticity.
View our Phishing Awareness Training and Information Security Awareness Training
Phishing emails are sometimes easy to spot due to misspellings or fake logos that shouldn’t fool anyone
Sometimes they are extremely sophisticated, filled with personal information that leads an employee to believe they are real or they are written in an urgent tone demanding a response. PhishingBox educates your employees on the dangers of phishing emails. With phishing simulations, you can send customized emails to your employees so they are trained to treat suspicious emails in a safe way.
The evolution of phishing attacks has come a long way
PhishingBox assesses a company’s risk exposure to phishing attacks and tests employees’ ability to spot and report suspicious emails.
Other Articles
Related publications from PhishingBox
What can a phishing attack cost my company?
The Cost of Phishing Attacks
Do you know how to identify potentially fraudulent emails?
Anti-Phishing Security Control Checklist