Phishing attacks threatening industries

Successful phishing attacks are increasing at a rapid rate, and so too are the variety of forms they come in. Millions of users worldwide are put at risk every single day (well, every 30 seconds to be exact). Simply put - cyber criminals are evolving, and so are their techniques.

Anyone who uses the internet or phones can be a target for phishing scammers. In the last year, cyber criminals delivered a wave of cyberattacks that were not just highly coordinated, but far more advanced than ever before seen. Cybersecurity incidents are not only growing more prevalent but are also becoming more costly.

Simple endpoint attacks became complex, multi-stage operations. Ransomware attacks hit small businesses and huge corporations alike. Crypto-mining attacks gave cyber criminals an easy foothold into company networks.

Across the web, phishing attacks have baited unsuspecting victims into handing over bank info, social security numbers, and more. Plus, cybercriminals have become even savvier with their disguises. Sometimes these scams hide behind voices you know and trust, like your co-workers, your bank, or even your government. If you so much as click a link, you could be the scammer’s next victim.

The most common scenario is:

· You open your email and suddenly an alert from your bank appears in your inbox. When you click the link in the email, you are taken to a webpage that looks, more or less, like your bank.

· Here’s the catch: this site is actually designed to steal your information. The alert will say there is a problem with your account and ask you to confirm your login and password.

· After entering your credentials on the page that appears, you are usually sent to the actual institution to enter your information a second time. By steering you to the legitimate institution, you don't immediately realize your information was stolen.

LinkedIn is a tempting target to spoof because the networking site often sends out emails with updates about your profile, your job search results and other topics. Since LinkedIn users are comfortable receiving emails, cybercriminals can more easily send out messages with links to phishing sites.

Microsoft was the second most spoofed brand during the first half of 2022 with such products as Microsoft 365, Outlook and OneDrive popping up in phishing messages and the third place in phishing attacks were shipping services and e-commerce platforms, accounting for 16% of credential phishing messages.

During the first quarter of 2022, 23.6 percent of phishing attacks worldwide were directed toward financial institutions. Online industries were the most targeted by phishing attacks as of 1st quarter 2022.

While phishing awareness among the public may be growing, phishers are getting more sophisticated in their efforts to trick them, even moving outside email phishing and using communication channels such as Slack to catch people off-guard.