Ransomware. Trojan horses. Cryptojacking. There are so many security threats you need to be aware of. So what is likely to be the greatest security threat of 2023? Our answer may surprise you.
Phishing is an extremely popular form of cybercrime that has already claimed millions of victims worldwide. And, as we head into 2023, phishing is still on the rise, putting you and all other internet users at risk. So, why is phishing still such a threat, and what can you do to keep yourself safe?
How Phishing Works
Phishing is a form of social engineering that preys on the fear and naivety of victims. In a typical phishing attack, a threat actor will impersonate a legitimate and trusted entity in order to swindle victims out of their sensitive data. Phishing attackers, or “phishermen”, often target people via email, SMS, and social media messaging. Let’s consider an example of phishing to understand how it works.
Let’s say Alice receives an SMS from her local delivery company stating that she has to pay a fee to have her parcel delivered. Within the text are two key components: persuasive language and a link to a webpage. The sender will state that their package won’t be delivered if they don’t pay the fee, and they only have 24 hours to do so. The SMS also states that Alice can pay this fee via the provided link.
Alice worries about not getting her parcel, so she clicks on the link, which leads to a seemingly legitimate webpage run by her local courier. Here, she needs to enter her payment information in order to pay the fee.
What Alice doesn’t realize is that this is a phishing page, designed to capture any data she inputs. In this case, her payment details are stolen. With this data, the attacker can either spend the money in Alice’s account or sell the details to other illicit actors on dark web marketplaces.
Phishing attackers often target login credentials and payment information, but many other kinds of data can also be stolen through such a scam. Even malware can be spread via phishing, which also puts your device at risk, not just your data.
So, why should you be worried about phishing in 2023?
The Increase in Phishing Attacks
It was found in 2021 and 2022 that phishing attacks were highly prevalent around the world. These figures seem to indicate that high frequency in attacks will continue in 2023. So, let’s get into the statistics.
In its 2022 State of Phishing Report, SlashNext notes that there have been 255 million phishing attacks carried out in 2022 alone. This means that tens of millions of phishing scams were carried out on a monthly basis. This is a shocking 61 percent increase in the frequency of phishing attacks compared to 2021.
What’s more, Cleardin states that 30 percent of all phishing emails are opened by recipients. Given that billions of phishing emails are sent yearly, this means that hundreds of millions of these malicious communications are interacted with on the most basic level.
It’s been predicted in a blog post by Vade, an email security provider, that we will “see more phishing campaigns that are able to circumvent MFA by acting as a proxy with the real authentication system, or by tricking users who have MFA fatigue.” MFA, or multi-factor authentication, is used by many to add an extra layer of authentication to the login process, whereby the login must be verified from a separate account or device.
But MFA, as well as 2FA (two-factor authentication), are now under threat as cybercrime tactics develop in their sophistication levels. It is thought that phishing attackers will continue to target these technologies in order to overcome the security layers they provide.
What’s more, The Cyberwire predicts that spear phishing attacks will increase in frequency in 2023, specifically via LinkedIn accounts. Spear phishing involves the targeting of specific individuals and organizations, instead of the random targeting of victims seen in typical phishing attacks. Larger organizations and high-profile individuals are often targeted in spear phishing, which we may see happen frequently in 2023.
But the continued prevalence of phishing attacks can also be attributed to our increasing reliance on technology. As we entrust our data to more digital platforms, it becomes that much easier for cybercriminals to access that data via phishing.
How to Stay Safe from Phishing
Given that phishing will likely continue to be prevalent in 2023, it’s important that you know how to protect yourself from this highly dangerous cyberattack.
Firstly, you need to ensure that you’re using anti-spam filters on your email accounts. Typical phishing attacks target random individuals, solely because the attacker has their address. Emails that are sent out on a wide scale can be detected as spam by your email provider if you activate the spam filter. Using this as a first step will ensure that potentially malicious emails are placed in your spam folder instead of your general inbox.
Secondly, you should know what a typical phishing email looks like. Here are some key red flags to take note of.
- Poor grammar and spelling: If you notice shoddy grammar and spelling in a message that’s supposed to be from a reputable party, you may be looking at a phishing email.
- Provided links: If a sender provides you with a link to click on, this is likely a sign of phishing. It’s always best to steer clear of these links until you know they’re safe.
- Unusual email addresses: If the email address of the sender looks a little weird, for example, “4m4zon” instead of “amazon”, this could be a phony address used by impersonators.
And you should always use a link-checking website. These sites can verify whether a given URL is associated with scams and other nefarious acts. It only takes a few seconds to run a link through one of these sites, and taking this extra step can be invaluable in protecting your data from dangerous phishermen.
You should make sure that you block any addresses that you’ve deemed suspicious, as phishing attackers can target the same addresses twice, or even more than that. You can also report a given email as spam to your email provider so that it can be assessed.
Phishing Continues to Target Your Data in 2023
Given how successful phishing attackers have been in the past, it’s no surprise that this form of cybercrime will continue to be a common problem in 2023. In order to protect your sensitive data, try and take all the necessary steps to protect your accounts and educate yourself on what phishing attacks look like. That way, you can be prepared for the potential phishing threats of 2023.