Phishing continues to be one of the most popular types of cyber attacks as it is a fast and easy way for cybercriminals to make money. However, this week cybercriminals will be in their element using Black Friday and Cyber Monday as a hook to lure consumers to fall for their sophisticated phishing attacks.

Recent research from Sophos which surveyed 1000 office workers found that almost one in five (18%) have fallen victim to a phishing attack in the past. 70% of respondents claimed to be confident they could spot a phishing attack, with 21% admitting they werenโ€™t confident they could spot one.

When discussing the research, John Shier, Senior Security Advisor at Sophos said, โ€œItโ€™s highly likely that almost everyone with an email account has been sent a phishing email at some point. But phishing attacks are becoming increasingly sophisticated and much harder to spot. ย Whatโ€™s interesting with the results is that though many donโ€™t think that they have been phished, if phishing is done right you wouldnโ€™t know about it, so itโ€™s highly likely that the number of those who have been phished is actually a lot higher.โ€

As the threat of phishing increases over Black Friday and Cyber Monday, here are some top tips on how to make sure you donโ€™t become a victim.

1. If an online deal or email offer with price discounts looks too good to be true, it probably is
Hit delete immediately. Itโ€™s common knowledge that though there are some great deals to be had over Black Friday, most products are cheaper or the same price at other times of the year, so itโ€™s unlikely youโ€™ll find the deal of a lifetime. The best way to confirm if it is real is to go directly on to the vendorโ€™s site to check the price and avoid clicking the link in the email which is likely to be malicious.

Too Good to be True Offers on Black Friday
Too Good to be True Offers on Black Friday

2. Feel free to browse deals on your phone but be cautious of the wireless network youโ€™re connected to when youโ€™re online shopping
Only ever enter your credit card information when youโ€™re on a secure network that you trust. And remember the best way to keep your money safe is to use PayPal or your credit card. Where possible, avoid using debit cards to purchase gifts online.

Wifi Network Awareness
Wifi Network Awareness

3. Be on the lookout for Typosquatting
This is where cybercriminals take a popular online brand and change one letter or two to trick you into clicking and sharing personal information. Always check the spelling and be on the lookout for smart typosquatting like the famous Tvvitter attack.

Typosquatting

 

4. Be sensible about password security and incorporate length and complexity
Make account passwords different and difficult to guess. Include upper and lower-case letters, numbers and symbols to make passwords harder to crack.

5. If youโ€™re contemplating clicking the link in an email, take a look at the URL first

Before you click, hover on the link if youโ€™re on a computer or hold down the link on your phone and you should see the full URL appear. Once you can see it look at the source and ask yourself does this look legitimate? Bear in mind that just because the URL has a padlock icon next to it or starts with โ€˜httpsโ€™ doesnโ€™t mean itโ€™s safe. As a rule of thumb if you arenโ€™t sure if it’s genuine just delete it straight away.

Too late?ย If you think youโ€™ve fallen victim to a phishing attack always change your password immediately. Itโ€™s always worth contacting your bank immediately to see if there has been any fraudulent activity.

Overview of Sophos phishing stats research

Research commissioned by Morar research and surveyed 1000 office workers in 2017

  • 70% are confident they could spot a phishing attack
  • 21% are not confident they could spot a phishing attack
  • 71% have not been phished
  • 18% have been phished

ย Phishing is the second most common threat people are aware of. The breakdown is: ย 

    • 80% are aware of spyware
    • 74% are aware of phishing
    • 63% are aware of ransomware
    • 49% are aware of credential stealing malware
    • 39% are aware of Remote Access Trojans
    • 24% are aware of BotNets
    • 11% are aware of APT

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

+ posts

Head of #Digital #Innovation @CompareTheCloud - Every Day #Creating #SilverLinings.

Unlocking Cloud Secrets and How to Stay Ahead in Tech with James Moore

Newsletter

Related articles

Understanding the cloud adoption curve and what the future holds

Globally, strong cloud adoption trends are well established, with...

AI Build or Buy and the Death of Billable Hours

"The billable hour has been a universal system applied...

Optimising Cloud Cost Management to Maximising ROI

A businessโ€™s cloud infrastructure needs will evolve with its...

Welcome to More Productive, AI-powered Working Lives

According to content services expert Dr. John Bates, AI...

Cloud Security Challenges in the Modern Era

Organisations already have to store files and data in...