Recently we looked at what phishing is, and how it could be a threat to your clients and your business. We now look at the wider context of the threat – how common it is, and where it might come from – before reminding ourselves of some of the steps that can be taken to mitigate the threat.
Phishing is an attempt to fraudulently extract information, such as passwords, by encouraging victims to click on a link or open an attachment that will deliver malware onto their device. And it happens more often than you might think.
An Office for National Statistics report in 2022 revealed that UK organisations have experienced a 57% increase in “consumer and retail fraud” compared to pre-pandemic levels.
The positive news is that threat prevention specialist Tessian reported in 2022 that the UK has the greatest global awareness of phishing. It found that 69% of respondents in the country could correctly define phishing. By contrast, that figure was 66% in Australia and Japan, 64% in Germany, 63% in France and Spain, and only 52% in the US.
The share of spam emails sent from Russia has continued to grow, with a 2022 report from Russian multinational cybersecurity provider Kaspersky revealing that 29.82% of all malicious emails originated in the country. That’s more than twice as much as second-placed China (14%).
LinkedIn has emerged as the social media platform used most often in scams. Research from cyber risk specialist Check Point has found that, in phishing attacks that imitated a known brand, LinkedIn was used 52% of the time.
Here’s a reminder of what to be aware of and look out for when it comes to potential phishing attacks.
Although phishing is mainly associated with email, malicious actors can use a variety of other communication channels.
Video call and collaborative software, such as Microsoft Teams, Zoom and Slack, are now a central part of business life, allowing individuals, teams, and firms to interact seamlessly in real time. Malicious actors look to employ these tools as they do emails, using impersonation to contact a user and convince them of a message’s veracity, then urging them to take action.
One of the tactics seen in recent cases involves a message purporting to come from a senior colleague or manager, and structured in such a way as to generate an immediate response.
For example, this could be asking the recipient to take urgent actions to assist with an important business process (such as a payment or transfer), or presenting information that will be of special interest to the recipient (e.g. a restructure within the organisation, news of a takeover, or that the recipient’s position with their employer may be in question).
Within Microsoft Teams, if contact is received from an external source, the following text will be presented below the sender’s name:
Whilst the sender’s name may be presented to appear familiar, hovering over the name will display the sender’s email address.
Microsoft have publicised some information here around managing external contacts.
Smishing (short for SMS phishing or text phishing) occurs when these same tactics are used to launch an attack via mobile phone messaging.
These attacks are often quite generic, focusing on an issue that’s likely to affect a large number of people. This is because they are often delivered to thousands of people at a time – an example of mass phishing.
Previously identified examples of this have included issues such as COVID jabs. Another very recent attack, shown below, refers to Winter Heating Subsidies – an issue well reported in the news, and of obvious interest to large numbers of people.