Phishing continues to create problems for people all around the world

Phishing is one of the most annoying attacks the tech age has ever encountered. It is one of the most passive kinds of active security breach that can exist. Why are we calling it a passive-active breach? Mainly because it doesn't do much in its initial phase but can prove very lethal once attackers steal information in the process.

Phishing is a really big problem for large companies, as they get phished every year with new kinds of techniques. This results in a large amount of data loss and, moreover, damages the integrity of the business. Many companies and businesses try to overcome these attacks by configuring their systems and servers with the best firewalls and security mechanisms, but they somehow still end up getting phished.

KnowBe4 came up with a report that lists the most-clicked links and subject lines through which users get phished. The report covers all the 4 continents (U.S., Europe, Middle East and Africa).

According to the data, Business, Online Services, Human Resources, IT and Banking/Finance are the top 5 industries which received the most clicks all around the world.

Business was found to be the hottest topic for attackers, as they used business emails to their advantage. These emails contain all the normal routine material that an employee would get, ranging from invoices and surveys to purchase orders. Employees would get fooled by these emails and give away important and confidential information, which the attackers would use later.

The Online Services category was found to be 2nd on the list. Attackers target their prey by sending fake emails that disguise themselves as coming from a well-known company. The emails are so well written that the receiver really thinks they are authentic, but they contain links that lead to the wrong domain, one created specifically for stealing login data.

HR-related messages were 3rd on the list. These emails are generally named as "HR" and contain instructions that users are told to act on as soon as they can. Users do as they are directed, and hence they do exactly what the attacker wants them to do.

IT and Banking/Finance were found to be 4th and 5th respectively. They are somehow connected to each other, and hence attackers use the internet and fake bank transactions or emails to misguide users to links where they end up entering their bank account details. The attacker can easily empty their accounts and run away without being traced.

This is why it is important for every organization to educate its employees so that they don't go around clicking on links where they might end up getting phished. It is better to read each and every email carefully so that you can confirm that the email is authentic and that you are not being phished.

Business phishing emails are the most clicked subject category across the world. These range from messages purporting to be from internal organizational departments, to external requests for information that convey a sense of urgency and entice users to take an action.

