4 Facts About Email Phishing that will Shock You!
Phishing is the new black… well, almost. It’s certainly on trend right now for cyber criminals. Why? Because it’s very easy for them to do. Forget the fancy tools and high-tech skills. Cyber criminals can find everything they need on the internet. Add to that the fact that their phishing targets people, not machines, and their rates of success are higher (yes, it’s true – set the right trap and you can trick almost anyone!). Plus cyber criminals can target large numbers of people to increase their success rate.
The Webroot Phishing Threat Trends report recently identified four facts about phishing that are important for all companies to know:
The average lifecycle of a phishing site is less than 15 hours
The lifecycle of a phishing site has shrunk. It can last as little as 15 minutes and a long as 44 hours. Either way, their average short lifecycle of 15 hours makes them very difficult to detect and block. It’s almost a case of blink and you’ll miss them, but you certainly won’t miss their effects.
When it comes to phishing, dedicated domains are a thing of the past
Dedicated domains can be easily identified and blacklisted. This is why phishing sites now ‘use domains typically associated with benign activity’. Hackers generally replace all the content of a benign site with their phishing content. It means their site is almost impossible to detect and therefore increases their chance of success.
There were 400,000 phishing sites observed each month on average, in 2016
Just as the lifecycle of phishing sites is reducing, the number of phishing sites is increasing. One action balances the other. In 2016, 400,000 phishing sites were observed on average each month. That’s a lot of phishing, and a lot of potential for damage.
Everyone's favourites are amongst the most commonly impersonated companies
Apple, Yahoo, PayPal and Google are amongst everyone’s favourite brands. This means they are targets for cyber criminals establishing phishing sites too. Between January to October 2016, the most impersonated brand was Google, at 21%. Yahoo was next, at 19%, followed by Apple at 15% and PayPal at 13%.
Get one step ahead of the cyber criminals and get your staff trained. Teach them how to spot the scam and ensure everyone is part of your cyber security strategy.
Also have a look at 9 ways to identify a phishing scam which shows the ways in which you can help identify whether an email is a phishing email.
If you need any assistance with your IT security strategy or any advice around your technology requirements please call us on 1300 4 787 389 or email us at firstname.lastname@example.org.
About the Author
Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.
Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business.