Recent reports reveal that about a third of emails that employees have been reporting to be malicious are indeed threats of phishing attacks. From the analysis of IT security companies, it was found that at least 33% of more than 200,000 flagged emails by employees from different firms worldwide for the first half of 2021 are classified to be phishing scams.
Phishing scams are one of the most popular methods used by hackers into baiting their target victims to giving them sensitive data and credentials like providing personal information or even making them download dangerous malware. This method is typically executed through emails – making the composition of the message look authentic so that the victims or recipients will be required to act upon the instructions stated.
Some common examples of phishing scams are how attackers can pose as people from the post office and require the recipient to reschedule fake deliveries or a bank which requires them to update their financial details, or sometimes as legitimate company departments. Regardless of how attackers masquerade themselves into being any form of authentic services or organizations, their main goal is to manipulate victims into providing them sensitive information by clicking suspicious links or downloading email attachments so that they can begin the attack.
Email messages are the usual phishing scams, even though other hackers sometimes rely on social media or over-the-phone phishing.
Email scams have been accounted for more than half of 2020’s infection rates and attempts. For corporation attacks, the easiest way for hackers to operate is through using employees as a bridge. This reason makes many businesses spend so much on training and educating their employees about the importance of cybersecurity.
Several researchers have analyzed that the most common reports that users send are about receiving suspicious links and attachments during their research period. The common denominator about email phishing scams is that they are created to manipulate the emotions of the receivers, so they will click any links provided or download any attached files.
Even though training and reminders about cybersecurity are practised regularly, there is always the risk of employees being deceived. The average response rate of employees engaging in phishing attacks is around 20%, especially emails that trick them into a sense of urgency to do an action or contain false authority.
However, recent studies suggest that more employees are becoming better at catching phishing scams through emails and that a large number of email reports from employees worldwide has been increasing.