Phishing Attacks Increase Dramatically Posing Threat to Businesses

The Anti-Phishing Working Group (APWG) found phishing attacks have been dramatically rising since 2004 with a 65% increase from 2015 to 2016.

■ The number of cyber-attacks: 2004 – 1,609
■ The number of cyber-attacks: 2015  – 793,340
■ The number of cyber-attacks: 2016 – 1,220,523
■ 30% of phishing emails are opened
■ 90% of phishing attacks contain ransomware

There is another form of terrorism being perpetrated today: this is cyber-terrorism or cyber-attacks. Since virtually all businesses today maintain an online presence and even ecommerce gateway, all businesses are vulnerable to attack.

All businesses, regardless of their size or function, profit or non-profit, are at risk today from cyber attack, especially in the form of phishing.

Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels. Typically a victim receives a message that appears to have been sent by a known contact or organization. An attachment or links in the message may install malware on the user’s device or direct them to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details.

The attacks are clothed in what appear to be legitimate emails seeking to have employees provide them with access to their business systems.

They accomplish this by getting them to click on a link in an email. This method of cyber-attack is known as phishing — and it’s only going to increase. Some reports cite that 91% of hacking attacks start with phishing emails. Employees must be trained to recognize that emails asking for sensitive data such as passwords and personal information are most likely phishing emails that employees must recognize.

According to some studies, up to 97% of individuals are not sophisticated or educated enough to identify a phishing email. This puts most businesses at risk for fraud, or even worse, the digital capitulation of their businesses.

Estimates put the cost of such cyber-frauds at about $500 million annually. This is expected to increase as the number of attacks and the sophistication increases.