The most common types of cyber crimes defy the stereotype of a hacker writing code and breaching firewalls with sophisticated methods. In reality, their methods are fairly simple. They "phish" for a way into your system or to gain access to your personal information.
The bad guys will impersonate someone, send an email, and attempt to solicit personal or company information to find a way into your system or even your bank account. Once they get this information, they may use it to do harm to your company, steal data, open credit cards in your name, fake your tax returns, or steal your money.
There’s no end to the types of phishing attacks hackers will use. They range from emails asking you to click on a link to highly targeted attacks on company CEO’s and CFO’s. Here are some of the most common:
A phishing email may let you know your mailbox is full and you need to click to clear. You may get a notice that the email you sent didn’t go through and you need to click to resend. You may get a notice from your bank that someone has tried to hack into your account and, you guessed it, you need to click to verify information. Clicking will launch malicious malware which can infect your computer and give the bad guys access to your data. In some cases, it will launch Ransomware, which locks up your data until you pay a ransom.
The schemes have evolved to include setting up fake websites that emulate legitimate sites. After clicking a link, you will be taken to a website that looks just like your bank, for instance, and told you need to log in to fix whatever problem they made up to get you there.
Hackers will also use social media to spread their malicious links. Either by sending personal messages that appear to be from someone you know, or just posting a link and sharing it. A recent social media phishing attack was launched by promising users’ early access to Facebook tools, like the rumored "dislike" button.
The FBI has an acronym for this type of fraud. They call it BEC (Business Email Compromise). In 2017, the FBI said this type of fraud accounted for $676 million. More than 300,000 U.S. businesses were hit with phishing attacks and other cyber-crimes. The number of attacks and the amount of damages nearly doubled from the year before.
Even though people know about phishing attacks, they continue to be successful. In a controlled test, 23% of employees fell victim to phishing emails. 11% of people who should know better-opened email with a malicious attachment.
The bottom line is that the number of phishing schemes continues to grow dramatically. As awareness has grown, the hackers have become more sophisticated in their skills.
If you think your business is safe, you may want to think again. It’s your money and your business reputation that is on the line. A recent consumer study revealed that 87% of those surveyed would not do business (or were likely not to do business) with companies that had been breached and personal data had been stolen.
In addition to hard costs and loss of consumer confidence, you may also face:
It may also cost you your job. Execs at high profile companies like Yahoo, Equifax, Sony, Uber, and others lost their jobs after hacks were reported.
Inky® Phish Fence is the most comprehensive email phishing and malware protection on the market today. Using sophisticated machine learning and algorithms, it provides an email protection gateway that blocks even deep-sea phishing attacks that other systems can’t.