If you own or manage a business in Hawaii, you might be a target for one of the most common cybersecurity threats: phishing scams. In 2018 alone, 64 percent of businesses experienced a phishing attack.
The push toward remote work in 2020 has seen this number grow even larger. Cofense’s 2020 Phishing Review states that scammers have shifted toward targeting file sharing cloud services, such as OneDrive, because companies use these services regularly. Here are more details about the most common types of phishing attacks, including how they are successful and how you can reduce your risks.
Email Phishing Scams
Most phishing attacks start via email. The most popular method involves a scammer emailing a message that looks like it came from a legitimate organization. They send thousands of these messages to a long list of email addresses, hoping at least one person takes the bait.
The scammer wants the email recipient to click on a link within the email; this link goes to a fake domain they registered in advance. Similar scams ask the recipient to download an attachment. They use this link or attachment to capture personal or business information they can use later for personal gain.
Phishing emails were once easy to detect, but scammers have gotten much more savvy. In 2019, 32 percent of all data breaches involved phishing attacks.
Spear Phishing Scams
Other types of phishing attacks are even more sophisticated. Spear phishing scammers already know bits of personal information about the email recipient. They target certain people using this information, hoping to gather more information for nefarious means.
They might know the person’s name, date of birth, home address, workplace, or even their credit card number. They are looking for additional information they can use to gain access to accounts or steal the person’s identity, such as a password, security code from the back of a credit card, or a social security number.
While this technique was once rare, it is much more common today. In 2019, “65 percent of attacker groups used spear phishing as the primary infection vector,” according to the Internet Security Threat Report.
Whaling attacks are even more sophisticated and targeted. These scams primarily target a company’s senior executives. The email sender poses as another member of the company’s executive staff, and requests access to tax returns or other information.
These emails are often quite convincing because they look and sound like a specific person sent them from within the organization.
Because scammers typically target tax returns, they quickly gain access to a wealth of confidential information. This breach can easily cost the organization thousands of dollars.
Zombie Phishing Scams
Zombie phishing scams became quite popular in 2020. With this technique, scammers hack an email account and send a phishing link as a reply to an ongoing email conversation. Because recipients are familiar with the subject line and have already been in communication with the sender, they are much more likely to click the link and become a victim of the scam.
How to Avoid Phishing Attacks
According to AWPG’s Phishing Activity Trends Report for Q3 2020, phishing attacks are steadily increasing – most likely because more employees are working remotely and becoming easy targets.
To combat this threat, it is best to hire an expert. Busch Consulting offers cybersecurity services to protect Hawaiian businesses from phishing attacks and other scams. As a full service IT company, we also offer backup and disaster recovery so your operations don’t stall, even during the worst events.
If you have questions about phishing or other cybersecurity threats, please let us know. We’re always here to help!