Phishing emails, the most common form of spam email, have become as much a staple of modern life as contactless payment. By pretending to be a person or organisation you trust, a phishing email persuades you to take an action which gives a scammer access to you or your company’s device, accounts, or personal information.

Recent research has shown cybercriminals have changed tactics. Previous attackers would rely on volume, but Sonic Wall has identified a different tack.

The Sonic Wall Cyber Threat report 2020 says that phishing attacks, while decreasing in volume, have increased in sophistication, changing modus operandi from the previous mass marketing tactics to more specific targeted campaigns.

“Modern cybercriminals act with purpose. These criminal operations are business-focused and budget-conscious. If a certain strategy didn’t provide the returns expected, they will pivot toward a plan that’s more effective. They are efficient enterprises with modern business plans,” the report states.

“Phishers are measured, pragmatic and patient. Cybercriminals are more targeted with phishing than ever.”

One trend is the continued exploitation of the universal trust of PDFs and Microsoft Office files. They are “the delivery vehicles of choice for the modern cybercriminal”.

There have also been reports of phishers targeting emails at specific times of the day, when they believe targets are at their busiest: a harassed worker is less likely to scrutinise an email for signs of fraud.

According to Verizon, a fifth of all security breaches recorded in 2019 involved phishing, making it the most common attack cybercriminals used. They estimate half of all organisations in the US have experienced a successful phishing attack alone. Symantec estimates one in every 3,722 emails in the UK is a phishing attempt, with around half of all UK attacks involving this type of crime.

But… how can you teach your employees and colleagues to protect the businesses? Here are a few quick reminders…

Hover your cursor over the email address that appears in your inbox, which reveals the true origin email address is often not what it is claiming to be.

Regularly check ActionFraud, the UK's national fraud and cyber reporting centre – and sign up to their fraud alerts.

According to Kaspersky, these are the most likely type of phishing attacks:

• Phishing email Appears in your email inbox — usually with a request to follow a link, send a payment, or open an attachment. 
• Domain spoofing A popular way a phisher mimics valid email addresses. These take a real company’s domain (@scmagazineuk.com) and modifies it.
• Voice Phishing (Vishing) Scammers call you and impersonate a valid person or they might redirect you from an automated message and mask their phone number. 
• SMS phishing (smishing) Similarly to vishing, this scheme will imitate a valid organisation, using urgency in a short text message to fool you.
• Social-media phishing Involves criminals using posts or direct messages to persuade you into a trap.

A spokesperson for the National Cyber Security Centre, a key agency in preventing cybercrime, said while they have not seen an increase in the overall number of scams, they are seeing a higher proportion that are using Covid-19 as a hook to entice victims in.

They also added that there are four main factors that are useful when spotting a phishing scam: “Urgency – are you told you have a limited time to respond (such as 'within 24 hours' or 'immediately')? Criminals often threaten you with fines or other negative consequences.

“Emotion – does the message make you panic, fearful, hopeful or curious? Criminals often use threatening language, make false claims of support, or tease you into wanting to find out more.

“Scarcity – is the message offering something in short supply, such as concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.

“Current events – are you expecting to see a message like this? Criminals often exploit current news stories, big events or specific times of year (like tax reporting) to make their scam seem more relevant to you.”.