Cybercriminals have been using phishing scams since the early 1990s, and phishing has remained their preferred method of stealing personal and financial information to this day. Although businesses nowadays implement cybersecurity measures and best practices to avoid falling prey to phishing emails, some still do get victimized. In fact, according to Verizon's 2020 Data Breach Investigations Report (DBIR), phishing scams made up almost one-third of all data breaches last year.
What is phishing?
Phishing is a form of cyberattack where cybercriminals use fake but legitimate-looking emails to steal your private information for personal, financial, or professional gain. Phishing emails come with a link that will take you to a fraudulent site asking for your information or an attachment that when clicked will download malware onto your computer.
Most clicked social media subject lines in Q1 2020
- Someone sent you a direct message
- Your primary email has changed
- Someone mentioned you
- You were tagged in a photo
- Please add me to your network
- Your password has been reset
- You appeared in new searches
Most clicked email subjects in Q1 2020
- You have been added to Microsoft Teams
- Changes in your PTO policies
- Password check required
- Scheduled server maintenance
- CDC health alert: coronavirus outbreak
- Testing your company's emergency notification system
- Deactivation of your email in progress
- Revised vacation and sick leave policy
- Important message from human resources
- Someone sent you a Valentine's ecard
Most clicked email subjects in Q2 2020
- Vacation leave policy update
- Password check needed now
- Business reopening schedule
- COVID-19 stimulus pack
- Coronavirus vaccine available
- List of rescheduled meetings because of coronavirus
- Breaking news: COVID-19 now airborne
- Confidential data on coronavirus
- FedEx tracking
- Your meeting will start soon
Reasons why phishing attacks succeed
Several factors determine the success of a phishing attack:
1. Phishing campaigns are becoming more personalized
Gone are the days when people received an anonymous email from a Nigerian prince offering to transfer a huge amount of money to the unwitting recipient's bank account. Hackers are now crafting more sophisticated phishing scams using information that seems to come from a trusted source.
2. Phishing is going beyond email
Phishing scams are no longer exclusive to emails. Hackers now also take advantage of social media, voice calls, and SMS to target their victims. In fact, during the first quarter of 2019, phishing attacks using social media rose to an alarming 70%.
3. Most people can't recognize a phishing email
Many people accessing their email and social media accounts fail to recognize the signs of a phishing attack. This makes them obliviously click on compromised links and download attachments without giving it a second thought.
4. Companies are not doing enough to protect their employees
Some companies can't stop phishing attacks because they lack the proper cybersecurity protocols and policies. These protocols include email filtering software, antivirus software, data backups, and employee training, without which employees could easily click on malicious links.
There's no sign that phishing attacks are slowing down anytime soon, which is why you need the help of an experienced MSP like Complete Document Solutions. Our cybersecurity services will safeguard your employees and network from phishing attacks and other threats. Learn more about the essential types of cybersecurity solutions your business must have by downloading this free eBook..