Although phishing is a well-known type of social engineering attack, it is estimated that around 80,000 people fall victim to phishing scams every day.
These are malicious emails or text messages that appear to come from legitimate sources but are actually trying to trick users into providing personal data, such as credit card numbers or login credentials. Some even install malware that can wreak havoc on a company's network and can cost a fortune in cleanup, fines and lost customers.
Depending on the permissions granted for the affected account, a successful phishing attempt could give the attacker access to an organization’s most sensitive databases and applications or, in the case of a ransomware attack, allow them to encrypt business-critical data or expose it if a ransom is not paid.
In recent years, ransomware attackers have switched from email to latvia whatsapp data insecure public servers and vulnerabilities in corporate networks, but recently, security experts have seen a resurgence of email-delivered ransomware . In fact, according to the FBI, in 2019, US businesses suffered $1.7 billion in losses caused by compromised business email accounts .
Signs you may be suffering from a phishing attack
Cyber attackers are constantly changing their tactics, but there are some telltale signs that an email may contain a phishing scam . Malicious emails often have a known or trusted source as the sender, such as a bank, credit card company, social media site, or online store. Even the sender's email address may be very similar to that of the company in question, but with some discrepancies, such as minor spelling differences, missing letters, or punctuation changes such as an underscore instead of a period.
Other warning signs to look out for include:
Generic greetings or signatures
Hyperlinks and fake websites
Spelling and grammar errors
Formatting errors
Suspicious attached documents
When opening the email, the message invites the recipient to click or open an attachment to complete an action. Some typical phishing invitations include:
“We detected suspicious activity on your account”
“There is a problem with your billing or payment information”
“We need you to confirm your personal data”
“You must pay this bill”
“Click this link to make a payment”
“You are eligible to apply for a government refund”
“Claim your prize or free item”
What to do if you receive a phishing email
Cyber attackers are experts at bypassing malware filters, so chances are you'll receive a phishing email from time to time. If you receive a suspicious email, do not reply, click on any links, open any attachments, or provide any information. Immediately forward it to the appropriate IT security administrator in your organization to make them aware of the phishing attempt so they can deal with it appropriately.