Since Covid-19 became an everyday reality for almost everybody on the planet back in March 2020, there has been an exponential increase in phishing scams. From ransomware attacks bringing giants such as Garmin and LG Electronics to a standstill, to an increase in general phishing emails by 667% in just one month, 2020 did not come without its risks. Unfortunately, this trend already seems to be continuing moving forwards into 2021.
According to San Francisco-based Valimail’s research, phishing is still one of the most common and significant types of cyberattacks. In fact, 3.4 billion phishing emails are sent every day worldwide, despite Google alone blocking 18 million of these attempted scams. With this incredible amount of phishing attempts, it is unsurprising that 85% of all organisations have been hit by a phishing attack at least once. However, what is extremely worrying is that a single spear phishing attack resulted in an average loss of $1.6 million, and the average total cost of a data breach caused by a phishing attack was $3.86 million in 2020
The start of 2021 appears as bleak as the end of 2020. Cyber criminals have already exploited those eager to receive the Covid vaccine with scams such as the NHS Covid-19 vaccine invitation phishing scam.
Another scam, preying upon unsuspecting university students, anxious about the format of their education, has also been a fairly common attack. The email asks the reader to respond if they want their university credentials to remain the same, those that don’t comply will supposedly be required to create a new password if they have not responded within a set deadline.
These are just a couple of examples from a huge list of scams utilised by social engineers in 2021, however there are a few that are already making a return from 2020, such as this HSBC “smishing” (SMS Phishing) campaign.
A HSBC “smishing” scam that has been received by many UK phone numbers
This scam (originally highlighted by various different media outlets back in November 2020) asks the victim to “Authorise or Cancel” a “New Payee request” via a very realistic looking phishing link. The link then directs the victim to a landing page complete with HSBC branding and imaging for an increased sense of authenticity. The page requests sensitive bank information, and once inputted, this data can be used for any number of unscrupulous means.
All of these types of scams are becoming more and more common every day, does everybody in your organisation have the skill necessary to stop an attack in its tracks? Find out in our Free Click-Prone® Test today.