Simply put, phishing is an online scam where a cybercriminal impersonates a trustworthy entity, such as company or brand, to obtain personal sensitive data from the victim.
You may have already experienced it. If you’ve received an email, seemingly from a trusted source, requesting you to confirm your account credentials or other sensitive information, then you have already experienced phishing (some of the most impersonated brands include Microsoft, LinkedIn, Amazon, Google, PayPal and Zoom).
According to various sources, cases of phishing are on the rise in the UK.
Between August 2020 and July 2021, the HMRC reported over 450 Covid-19 related financial support scams, more than one million reports of suspicious contact (namely phishing attempts) and more than 13,000 malicious web pages (which are used as part of a phishing attack).
Research conducted by ESET, an internet security expert and one of our technology partners, reported a 7.3% increase in email-based attacks between May and August 2021, the majority of which were phishing campaigns.
There is no doubt that the rise in cybercrime is linked to modern working practices, brought about in no small way by the pandemic. The move to ‘hybrid working’, whereby employees are splitting their time between the workplace and operating remotely, and therefore away from the protective bubble of office infrastructure, has made users more susceptible to attack.
Microsoft’s New Future of Working Report identified some startling statistics. 80% of security professionals surveyed had encountered increased security threats since the shift to remote working. Of these, 62% said phishing campaigns had increased more than any other type of threat.
But phishing is nothing new and has been around for many years. However, what is worrying is the wide array of sophisticated methods that are being deployed to trap victims.
So, in conjunction with ESET, we have developed various resources to help protect against phishing attacks:
How to recognise phishing
How to prevent phishing
Different types of phishing
In addition, we have issued our Cyber Readiness Checklist to all our clients. This advice echoes the guidance issued by the UK’s National Cyber Security Centre, who have also issued advice urging UK organisations to bolster their cyber security resilience, with particular reference to military escalations in Ukraine.
Proactively building understanding is also key and we are recommending to all our clients that they undertake cyber awareness training so their employees can build knowledge and awareness.
While many of these suggestions are standard cyber hygiene protocols and best practice, simple actions can go a long way to fighting against phishing and other cyberthreats.
As is finding an IT support partner to help implement the latest cyber security practices, one who can not only advise on the best monitoring and management solutions, but also one who can also advise on the latest cyber hygiene protocols and best practices.
