Three billion phishing emails a day are sent to unsuspecting employees. One in every 99 emails are phishing attacks—those cleverly crafted fake emails targeting data designed to look like they come from trusted senders. Left alone, these emails mean nothing, but one click on a “sexy looking” link means everything to a hacker—they are in your computer and in your network.
According to Cleardin more than 55 million emails reveal that one in every 99 emails is a phishing attack. Though different studies report different numbers, you get the bigger picture in a large multi-national company with over 100,000 employees sending and receiving emails. Of these phishing emails, two in three hackers tempt employees either with a malicious link or embed malware in the email. This amounts to 4.8 phishing emails per employee over a five-day workweek.
Phishing messages look like any other legitimate email or text message with company designs, text font and headings. The big fake out that the message looks like is from a trustworthy source: banks, credit unions, government departments, the company’s CEO, and even friends.
What Phishing Attacks do
When a phishing attack works, it tarnishes an organization’s brand. Russian hackers reportedly sold more than 245,000 credit card details from a British Airways database. Uber, in 2016, concealed a massive hack that exposed data of 57 million users and drivers. Usernames, passwords, bank account information, or other credentials are classic steal information for hackers.
Because spear-phishing scams can be hyper-targeted to you, it’s essential to exercise caution. You should verify messages before opening them and continually review your messages for signs of phishing by be alert to:
- Emails that request personal information like social security numbers or bank or financial information.
- An email address changed to be similar enough to a legitimate email address. Check for added numbers or changed letters.
- An email from a business or someone you never deal with.
- A message asking you to enable macros, adjust security settings, or install applications.
- A message containing errors.
- A sender’s address doesn’t match the signature on the message itself.
- A greeting on the “to” bar or message itself doesn’t address you.