Alarming Phishing Attack Trends
In 2020, 75% of companies globally fell victim to phishing attacks, highlighting the pervasive threat that phishing poses to businesses. As the primary delivery method for various cyberattacks, a single phishing email can lead to devastating consequences, from succumbing to ransomware to enduring costly downtime. Additionally, it can result in unwittingly surrendering credentials, enabling hackers to launch targeted attacks on customers. Exploiting human error, phishing employs sophisticated tactics to deceive recipients into disclosing information or infecting networks with malware.
Mobile phishing threats surged by 161% in 2021, necessitating robust safeguards against this relentless onslaught. Pennant Cyber recommends a comprehensive defense strategy that includes email filtering, DNS filtering, next-gen antivirus/anti-malware, and ongoing employee cybersecurity awareness training. To stay ahead of evolving threats, it is crucial to be aware of the latest phishing trends anticipated going forward.
Phishing is Increasingly Being Sent Via Text Message
Text message-based phishing, known as "smishing," is gaining prominence as cybercriminals exploit the widespread availability of mobile phone numbers. This trend is fueled by the surge in text messages, often associated with retail and service businesses sending updates. Pennant Cyber warns that smishing can mimic shipment notices, leading users to click on shortened URLs.
Business Email Compromise is on the Rise
The growing threat of ransomware has paved the way for another lucrative form of attack—Business Email Compromise (BEC). Cybercriminals leverage BEC to profit from scams like gift card fraud and fake wire transfer requests. What makes BEC particularly perilous is that gaining access to a business email account enables attackers to send convincing phishing emails to employees, customers, and vendors, exploiting the trust associated with familiar email addresses.
Small Businesses are Being Targeted More Frequently with Spear Phishing
Contrary to the misconception of being too small to attract hackers, small businesses are frequent targets due to their comparatively weaker IT security. Spear phishing, a targeted form of phishing, is on the rise even among smaller enterprises. Pennant Cyber emphasizes the heightened risk for small businesses, as tailored phishing attacks become more challenging for users to identify as scams.
The Use of Initial Access Brokers to Make Attacks More Effective
Large criminal groups continually optimize cyberattacks, treating them as profitable enterprises. One emerging strategy involves the use of Initial Access Brokers, specialists focused solely on gaining the initial breach into a network or company account. Pennant Cyber warns that incorporating these experts makes phishing attacks more dangerous and harder for users to detect.
Business Impersonation is Being Used More Often
As users become more cautious about emails from unknown senders, phishing attackers are turning to business impersonation. This tactic involves crafting phishing emails to resemble legitimate communications from known companies, exploiting trust. Pennant Cyber notes the prevalence of business impersonation in attacks targeting companies of various sizes, emphasizing the need for heightened suspicion of all emails.
Is Your Company Adequately Protected from Phishing Attacks?
Given the severity of phishing threats, a multi-layered defense strategy is paramount. Pennant Cyber recommends initiating this approach with a cybersecurity audit to assess the current security posture and identify opportunities for improvement. Stay ahead of evolving cyber threats to safeguard your business effectively.
Article used with permission from The Technology Press.
