BotNet News

Your source for Online Security News

Phishing is the favored attack method for black hats because it plays on what has long been described as cybersecurity’s weakest link: humans. According to the 2022 DBIR, 82% of breaches involved the human element, and many of those were due to employees being duped into clicking on malicious links and diving into fraudulent websites. The good news is that phishing attacks can be easily identified by anti-malware programs, and if an email sounds too casual or the language used is inappropriate for the sender, it should be suspicious. It’s also important to examine messages closely for typos and inconsistencies that may indicate phishing.

Using photos taken from the internet or stock images, attackers can create convincing messages that appear to come from trusted contacts. For example, a message can be sent from an overseas colleague that urgently requests funds to be transferred for a new business partnership. Employees are likely to trust a request from someone they have worked with, especially if the message is accompanied by a sense of urgency.

Other attacks are designed to target companies, such as a fake email from international shipping giant DHL that encouraged recipients to print off a receipt for a package that could not be delivered and then submit payment information via a website linked to the message. In addition, attackers can target individuals by posing as a family member or friend in trouble and request bail money or other support. These messages are particularly effective when sent via instant messaging services, such as Facebook Messenger and WhatsApp.