A phishing attack occurs when a hacker tricks a person into revealing sensitive information — either about themselves or their employer — or infecting a network with malware. It’s one of the most common cyberattacks — 75% of businesses experienced a phishing attack in 2020, Proofpoint reported, during which 74% of attacks aimed at American businesses were successful.
Strong cybersecurity has proven effective in warding off phishing attacks. But perhaps the most effective form of phishing prevention is through education and training, especially since Verizon found that 96% of social engineering attacks arrive through email.
Before you and your staff learn how to avoid phishing attacks, you need to be able to spot them first. Here are five phishing examples hackers usually use to obtain your personal information or deploy their malware:
1. Spear phishing
While most attacks cast a wide net, spear phishing occurs when cybercriminals zero in on specific members of an organization by making the victim feel as if they know the sender. Another version of this, called whaling, happens when attackers go after high-level members of a company such as the president or CEO.
2. CEO fraud
This happens when an attacker disguises themselves as a company’s CEO, or a director of human resources and IT, and asks the victim for personal information or to install a new app on their device. The unsuspecting victim then hands over everything — passwords, banking information, etc.
3. Fake websites
In this attack, the victims are sent links to fraudulent sites that look real — such as the homepage of their email provider — and are coaxed into entering their credentials or other personal information.
4. Vishing
Rather than using a computer, a hacker uses a voice call — hence the spelling — and disguise themselves to get the victim’s personal information. Some examples include posing as a bank employee or someone from a company such as Microsoft and telling the victim they’ve found a virus on their computer.
5. Malvertising
Through tools such as online ads or pop-ups, cybercriminals get their victims to click on a link and inadvertently infect their computer with malware.
Hackers are growing more audacious by the day — these are just some of many ways they use phishing to gain personal information, break into a network or deploy a virus. However, through thorough cybersecurity training and strong cybersecurity, you can reduce the risk of being victimized by a phishing attack. And if you have any concerns about your cybersecurity and its vulnerabilities, reach out Computer Doc today.