Drumroll, please…
the award for the most common phishing scam goes to…
phishing emails!
It’s hardly a surprise that phishing emails hold the top spot as far as scams go, because email is the number one vector of cyber-attacks.  But the statistics hold true, as the latest information shows that phishing emails are indeed the most widespread.
Phishing emails are so common, I bet you already know about them and possibly see them with relative frequency.
In case you don’t know though, a phishing email is a type of scam designed to trick you into giving away personal information, like your passwords, bank account numbers, or customer and vendor lists. These emails commonly contain a malware attachment or a malicious link.
Imagine you get an email that looks like it’s from a company you know and trust, like your bank. The email might say there’s a problem with your account and ask you to click on a link to fix it. But when you click on the link, it takes you to a fake website that looks just like the real thing. If you enter your login details there, the scammers can steal your information.
It’s like the big bad wolf pretending to be grandma until little red riding hood gets close enough to eat.
How do you protect yourself from phishing scams?
Arm yourself with knowledge. The best defense is knowing about the threat and how these attacks are carried out. That makes it much easier to spot them, so you (and your team) don’t get tricked.
Let’s cover the top attacks from the past year, and the 3 categories they fall into.
Major Themes
Finance-themed phishing emails are by far the largest category, making up just over half (54%) of all phishing attacks. Commonly these message present fake invoices or payment request, fishing for your financial details.
The second largest attack is notification-themed emails. This makes up 35% of phishing attempts. These types of attacks are fake notification messages, claiming your password is going to expire or there is some critical action you need to take immediately. The core of this threat is the urgency they implore, to get you to stop thinking and start acting.
Moderate Themes
The middleweights in phishing attempts involve documents or voicemails.
Document scams (38%) use false documents to get you to take actions providing vital information, or even tricking you into downloading malware.
Voicemail scams (25%) likewise try to confuse you and get you to compromise your security.
Minor Themes
Though not as prevalent, the minor themes in phishing still pack a punch if you’re caught off guard. Keep an eye out for emails with topics about benefits, job applications, or property dealings. This time of year, be very careful with anything claiming to be about your taxes.
Do these topics and techniques sound familiar or are they news to you? Hopefully you are more informed now and use the information to be more vigilant with your emails.
Getting hooked by one of these scams can mean a world of pain, from financial hits to data leaks, not to mention the hit to your business’s reputation. It’s extremely important to clue in your team about these phishing tactics and to beef up your cyber defenses.
Email security can take the brunt of the work, catching most attacks before they reach your inbox. Computer and network monitoring can detect and respond to any attack that might have slipped through.
Your best play against phishing? Stay sharp, since we tend to make mistakes when tired or distracted, keep your team educated, and double down on solid security measures.
Your business is a treasure chest; let’s keep it that way. Think you might have a chink in your armor? Let’s chat and make sure your business is as secure as Fort Knox. Just use my live calendar to schedule a convenient time.