Why are phishing attacks successful?

Why are phishing attacks successful?

Phishing attacks often seem rudimentary. With their spelling and grammar errors, blurry replicas of company logos and conspicuous twists on sender names, they should be easy to spot, shouldn’t they? So why is it, instead of dying down, phishing attacks are on the rise? Why is it phishing emails are more likely to cause a breach than any other form of cyber attack? Why are phishing attacks successful?   Phishing emails rely on psychology Dig beneath the skin of a typical phishing email and you’ll soon see it isn’t as “rudimentary” as it might first appear. Phishing emails – even the most...
How are phishing attacks used in identity theft?

How are phishing attacks used in identity theft?

People are more likely to be a victim of identity theft than any other type of cybercrime… and phishing can be a precursor In order to steal your identity, criminals need to get hold of your personal information. That’s all it really takes to begin opening bank accounts, applying for credit cards and even obtaining false identity documents in your name. Cyber criminals use a number of techniques to steal personal information – but among the most common is phishing.   How phishing is used in identity theft Phishing campaigns can help criminals harvest the information they need to steal...
Are phishing attacks on the rise?

Are phishing attacks on the rise?

In 2018, some reports suggest the number of phishing attacks are falling. Is that really the case? Phishing attacks have been on the rise for a long time now. According to the UK government’s most recent cyber security breaches survey, they cause more data breaches than any other type of cyber attack – and they have done for a long time.   Some reports suggest phishing attacks are decreasing But some recent reports seem to suggest that, after years of increasing, the proportionate number of phishing attacks are now decreasing. Symantec, for example, continuously monitor phishing rates...
Why security awareness training sometimes fails – and what you can do about it

Why security awareness training sometimes fails – and what you can do about it

To demonstrate why security awareness training so often fails, it’s worth conducting a quick thought experiment. Imagine you’re a smoker and, one day, you find out you’re genetically susceptible to lung cancer. Thanks to your genes, you’re two-three times more likely to contract lung cancer than the average person. The elevated risk has nothing to do with your record of smoking – but continuing to smoke increases the risks even further. Given the situation, do you think you’d be more or less likely to quit smoking than other smokers? Studies shows that, actually, you’d be just as likely to...
Measuring The Effectiveness of Security Awareness Training

Measuring The Effectiveness of Security Awareness Training

Online security awareness training is now the most popular form of security awareness training in the world. As we noted here, that’s good news when it comes to measuring the effectiveness of security awareness training. Offline, things aren’t so easy to track. However, online it’s possible to see who is doing what where and when. It’s little surprise, then, that measuring the effectiveness of online security awareness training has been chiselled onto the agendas of CISOs for some time. And yet, measuring the effectiveness of security awareness training remains difficult. In this post, we’re...
Ten key topics to cover in cyber security awareness training

Ten key topics to cover in cyber security awareness training

The scope of cyber security awareness training continues to increase. While the below list of topics to include in awareness training is far from exhaustive, each should be a foundational pillar of security awareness campaigns. Building campaigns around the below can decrease the risk of cyber attack – especially when campaigns account for the ABC of cyber security. Resource challenges and environmental contexts often force those in security to decide which method or methods to include in awareness campaigns – and in which quantities each should be employed. In this post, we consider the...