CIRA Executive Brief – Region 2 Tallahassee 3-15-2023
Phishing is one of the most common types of cyberattacks that can seriously impact both individuals and organizations. These kinds of attacks can take place almost anywhere online; text, websites, and social media, but are most commonly seen in the form of email.
The SlashNext State of Phishing Report for 2022, released in October, found that there was a 61% increase in the rate of phishing attacks in just the first 6 months of the year compared to last year’s data. Not only have the rates of phishing attacks increased, there was a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
With all of this in mind, it is perhaps more important than ever to stay vigilant against phishing attacks.
Phishing is one of the most common types of cyberattacks that can seriously impact both individuals and organizations. These kinds of attacks can take place almost anywhere online; text, websites, and social media, but are most commonly seen in the form of email.
The SlashNext State of Phishing Report for 2022, released in October, found that there was a 61% increase in the rate of phishing attacks in just the first 6 months of the year compared to last year’s data. Not only have the rates of phishing attacks increased, there was a 50% increase in attacks on mobile devices, with scams and credential theft at the top of the list of payloads.
With all of this in mind, it is perhaps more important than ever to stay vigilant against phishing attacks. Read on to learn more about this type of attack and helpful ways to identify and avoid them.
Phishing is a type of social engineering attack, or an attack that involves psychological manipulation, to steal your personal information or install malicious software on your devices. To accomplish this, cybercriminals will disguise themselves as a legitimate source, such as a well-known company or financial institution, to deliver realistic messages and trick you into giving up your personal information.
Cybercriminals behind these attacks will go to great lengths to make their scams appear legitimate, using the logos and branding of trustworthy sources to disguise themselves. Not only will they create emails under the source’s branding, but they will often create spoofed websites, which are fake websites designed to look legitimate, to accompany them.
The goal of these emails is often to get you to click on a link and enter your personal credentials into the fake website that it leads to. Once that happens, your information will be sent to the attacker behind the scam.
Although it can sometimes be difficult, there are several ways that you can identify a phishing email.
According to fightcybercrime.org, the best ways to identify a phishing email include:
If you clicked on a phishing email link or provided your information, first take a deep breath and know that it can happen to anyone.
As we continue into 2023, it’s guaranteed that cybercriminals will continue to launch more and more phishing campaigns with the hopes of stealing personal information from unsuspecting victims. Remember to always be cautious online and when in doubt, always do your research!
Information retrieved from fightcybercrime.org. For more details on phishing attacks, visit: https://fightcybercrime.org/scams/hacked-devices-accounts/phishing/