Data hijacking. Trojan horses. Cryptojacking. There are so many security threats that you need to be aware of. So what is likely to be the biggest security threat of 2023? Our answer may surprise you.
Phishing is an extremely popular form of cybercrime that has already claimed millions of victims around the world. And as we head into 2023, phishing continues to rise, putting you and all other Internet users at risk. So why is phishing still a threat and what can you do to stay safe?
How Phishing Works
Phishing is a form of social engineering that preys on the fear and naivety of its victims. In a typical phishing attack, a threat actor will pose as a legitimate and trusted entity to scam victims out of their sensitive data. Phishing attackers, or “phishermen,” often target people through email, SMS, and social media messages. Let’s consider an example of phishing to understand how it works.
Suppose Alice receives an SMS from her local delivery company stating that she has to pay a fee to have her package delivered. Within the text are two key components: persuasive language and a link to a web page. The sender will indicate that her package will not be delivered if she does not pay the fee and only has 24 hours to do so. The SMS also states that Alice can pay this fee via the link provided.
Alice is worried that she won’t receive her package, so she clicks on the link, which leads to an apparently legitimate web page run by her local courier service. Here, she needs to enter her payment information to pay the fee.
What Alice doesn’t realize is that this is a phishing page, designed to capture any data you enter. In this case, your payment details are stolen. Using this data, the attacker can spend the money on Alice’s account or sell the details to other illicit actors on dark web marketplaces.
Phishing attackers often target login credentials and payment information, but many other types of data can also be stolen through this scam. Even malware can be spread through phishing, which also puts your device at risk, not just your data.
So why should you worry about phishing in 2023?
The rise of phishing attacks
In 2021 and 2022, phishing attacks were found to be very prevalent around the world. These figures seem to indicate that the high frequency of attacks will continue in 2023. So, let’s get into statistics.
in its 2022 Phishing Status Report, SlashNext notes that 255 million phishing attacks have been carried out in 2022 alone. This means that tens of millions of phishing scams were carried out monthly. This is a staggering 61 percent increase in the frequency of phishing attacks compared to 2021.
And what is more, cleardin states that 30 percent of all phishing emails are opened by recipients. With billions of phishing emails being sent each year, this means that you are interacting with hundreds of millions of these malicious communications at the most basic level.
It has been predicted in a Vade’s blog post, an email security provider, that “we will see more phishing campaigns that can bypass MFA by acting as a proxy with the actual authentication system, or tricking users who have MFA fatigue.” Many use MFA, or multi-factor authentication, to add an extra layer of authentication to the login process, whereby the login must be verified from a separate account or device.
But MFA, as well as 2FA (two-factor authentication), are now under threat as cybercrime tactics develop in their levels of sophistication. It is believed that phishing attackers will continue to target these technologies to overcome the layers of security they provide.
And what is more, the cyberwire predicts that spear phishing attacks will increase in frequency by 2023, specifically through LinkedIn accounts. Spear phishing involves the targeting of specific people and organizations, rather than the random targeting seen in typical phishing attacks. Larger organizations and high-profile individuals are often targeted for targeted phishing, which is likely to happen frequently in 2023.
But the continued prevalence of phishing attacks can also be attributed to our increasing reliance on technology. As we entrust our data to more digital platforms, it becomes much easier for cybercriminals to access that data through phishing.
How to stay safe from phishing
Since phishing will likely continue to be prevalent in 2023, it’s important that you know how to protect yourself from this highly dangerous cyberattack.
First of all, you need to make sure that you are using spam filters on your email accounts. Typical phishing attacks target random people, solely because the attacker has their address. Emails that are sent on a large scale may be detected as spam by your email provider if you enable the spam filter. Using this as a first step will ensure that potentially malicious emails are placed in your spam folder instead of your general inbox.
Second, you need to know what a typical phishing email looks like. Here are some key red flags to take note of.
- Bad grammar and spelling: If you notice poor grammar and spelling in a message that’s supposed to come from a trusted party, you might be looking at a phishing email.
- Links provided: If a sender provides you with a link to click, it’s likely a sign of phishing. It is always best to stay away from these links until you know they are safe.
- Unusual email addresses: If the sender’s email address looks a bit strange, for example “4m4zon” instead of “amazon”, it could be a fake address used by impersonators.
And you should always use a link checking website. These sites can check if a given URL is associated with scams and other nefarious acts. It only takes seconds to run a link through one of these sites, and taking this extra step can be invaluable in protecting your data from dangerous phishers.
You should make sure to block any addresses you think are suspicious, as phishing attackers can target the same addresses twice, or even more. You can also report an email given as spam to your email provider so that it can be evaluated.
Phishing continues to target your data in 2023
Given the success of phishing attackers in the past, it’s no surprise that this form of cybercrime will continue to be a common problem in 2023. To protect your sensitive data, try to take all necessary steps to protect your accounts and educate yourself on how to phishing attacks are seen. That way, you can be prepared for the potential phishing threats of 2023.