The FBI warns phishing attacks will increase 400% year-over-year, making it of vital importance to understand this increasingly threatening cybercrime. So, what are phishing attacks and why are they responsible for roughly 90% of all data breaches?
You may have heard of, or even received phishing emails before. Fraudulent emails disguised as being from companies such as PayPal, Amazon or Netflix, asking you to click a link to update your payment information with the intention to steal your private details.
These emails are an example of a scamming technique called phishing. Emails designed to manipulate and deceive receivers into revealing sensitive information.
The following are three of the main phishing techniques cybercriminals utilise.
The 3 Email Phishing Techniques
A bulk phishing attack is an untargeted large-scale distribution of fraudulent emails. It is the most common classification of phishing attack. These emails often disguise as a financial institution or subscription-based service, in the hope that the receiver will reveal bank details or other sensitive information.
A spear phishing attack differs from bulk phishing as it is a tailored attempt to deceive employees from a targeted organisation. This may involve posing as another employee and due to the tailored nature of the attack, can prove much more deceiving than bulk phishing.
Whaling is similar to spear phishing in being a targeted and tailored approach, although specifically targets the ‘big fish’ of an organisation. Targeting high level executives, MDs, CEOs and other influential members of a company.
These phishing techniques are implemented on business owners and employees at an increasingly prolific rate. With 42% of workers admitting to have failed to follow phishing prevention best practices, phishing attacks have become a real threat to companies.
With malicious intentions to steal your data, impose ransomware and expose your company to a whole host of cloud security threats, failing to properly prepare for phishing attacks by implementing a multifaceted cyber security process, could hold devastating consequences for your business.