Phishing remains in 2019 the most effective method of cyber attack. But what exactly is it? Why, over two decades after it began, are so many of us blissfully ignorant to its existence?
A basic definition…
Very simply put, phishing is when a cybercriminal attempts to steal sensitive information (usernames, passwords, bank details etc) by using a fake email or website and making you think it’s real. The hacker can then use this data to retrieve more information, install malicious software or access the victim’s bank account.
This method of attack is nothing new, the first phishing attempts were recorded in the mid-90s. Since then the internet has seen literally millions of successful phishing attacks across the globe.
There is one issue which is far more concerning than the phishing attacks themselves – our lack of awareness.
What is phishing?
As of 2019, 45% of internet users are still unaware of what phishing is.
While there may be a glimmer of hope found in the 33,000 monthly searches of “What is phishing?” hopes quickly fade to black when compared with the 60,000 monthly searches of “Why are cats afraid of cucumbers?”
“Much like a mutating virus, digital services and devices keep churning out new threats along with the new benefits – making mitigation efforts a daunting and open-ended challenge for everyone”
David Ellis, Ph.D – Director, Dept of communication studies, York University, Toronto.
Phishing and the understanding thereof is an issue which should be taken very seriously at both the corporate and individual level. Slowly, organisations are focusing on educating their employees on the dangers of phishing. It is important to understand, however, that it is not just companies at risk. Personal phishing attacks are still incredibly effective. We as individuals owe it to our own digital wellbeing to learn more about how to protect ourselves.
A Google blog post explores why phishing emails are still so effective and suggests education and awareness play key roles in overcoming this epidemic.
Time to learn…
At Phishing Tackle, we help our clients educate their staff and have had great success in reducing the numbers of employees clicking on malicious emails and websites.
The next time you have ten minutes spare, consider learning a bit more about phishing and online security, a great article on cyber security best practices can be found here. If it saves you from even one malicious attack, it was worth it.