Phishing is the fraudulent attempt to steal information by social engineering: the act of criminal deception.
Phishing scams are commonplace today, but that wasn’t always the case. The earliest phishing cases transpired more than 20 years ago. In the beginning, fake emails were pretty easy to detect. Starting in the ‘90s, phishing attackers targeted the AOL
users (History of AOL
). As the use of the internet and email grew in popularity, the number of phishing scams increased. Phishing attacks progressed into sending automated campaigns to people to steal their credentials. As time went on, hackers started making the subject of their emails more engaging. Then, hackers starting sending emails from familiar contact names or companies.
Attackers send out fake messages with the hope that at least some of the recipients will click on a malicious URL or email attachment.
Phishers send out thousands of emails at a time. Some of the recipients fall for the fake message. In contrast, spear phishing emphasizes a high rate of return over a small set of victims. Going after information, spear phishers invest their time in researching their targets and using that information to customize their attack emails. If they can successfully phish someone with authority, they can gain access to valuable data.Read more about modern phishing facts and information.
Data of companies and organizations is constantly being exploited by some sort of phishing attack. The versions of the emails are different, but basically the principal idea is to send a legitimate looking email to a recipient to invoke a particular action, like clicking a link or opening an attachment.
Phishing attacks are responsible for more than 90% of successful cyberattacks
. To keep your company protected, your employees must be thoroughly trained in security awareness. Today’s hackers often use phishing techniques that threaten your company’s security. Simply training your staff to recognize a phishing emails
and deal with it appropriately can add an important layer of protection, possibly saving your business or organization thousands of dollars.
Here are tips to avoid phishing attacks:
• Don’t click everything that gets emailed to you.
• Don’t ever open an attachment from someone you don’t know.
• If you receive an attachment from someone you know, but you aren’t expecting
it, don’t open it. Verify with that person that they sent it to you.
• If you don’t know the sender of a link sent to you, don’t open it.
• Hover over links in emails, checking the URL to verify authenticity.
Phishing emails are sometimes easy to spot due to misspellings or fake logos that shouldn’t fool anyone. Sometimes they are extremely sophisticated, filled with personal information that leads an employee to believe they are real or they are written in an urgent tone demanding a response. PhishingBox educates your employees on the dangers of phishing emails. With phishing simulations, you can send customized emails to your employees so that they are trained to treat suspicious emails in a safe way.
The evolution of phishing attacks has come a long way. PhishingBox assesses a company’s risk exposure to phishing attacks and tests employees’ ability to spot and report suspicious emails.