Cybercriminals are always looking for vulnerabilities in operating systems to obtain data that brings them some benefit. While, on the other hand, the business world implements the necessary security measures to try to prevent it. However, they do not always succeed and it can be observed that there are sectors that are more vulnerable to phishing attacks by cybercriminals.
What is phishing and how can we protect ourselves
One of the most important dangers we face on the Internet is phishing. In case you don’t know, it is a technique used by cybercriminals to steal passwords and credentials. The operation is based on trying to trick the victim into falling into the trap. This type of attack is no longer exclusive to PCs and laptops, where we open an email from our computer. Now it is increasingly focused on mobiles and tablets due to the rise of this class of devices. When we talk about phishing we can say that it is based on the identity theft of messages that come to us from social networks, instant messaging or email.
When we receive this type of message, we believe it is from a legitimate user or an organization, and if we are not vigilant, we can fall into the hands of these criminals. Therefore, the first thing we must do is distrust the messages of alerts and offers. If we receive messages from our bank, for example, it is better to use the official channels to verify the information. Some recommendations that we must make to prevent it:
- Do not open any message if you doubt its legitimate origin.
- Observe the URL and check that it takes us to the official website, we must look closely at the domain in case it is not real.
- Do not open or run files of dubious origin, because you could be infected with malware or harmful software.
In this article we recommend using common sense and keeping our devices updated, we recommend reading what phishing is and how we can avoid it . You can also read how to detect phishing on smartphones and even what types of phishing attacks exist.
Phishing attacks cause serious financial damage to businesses
We are increasingly vulnerable to phishing attacks, and companies are no strangers to it. The latest cybersecurity trends and statistics reveal that the data on our mobile devices, computers and IoT devices are attacked on a daily basis. Businesses face the risk of data loss because they sometimes have their data unprotected and have weak security measures. In the first part of last year, 4.1 trillion data records were exposed, and the security breach took an average of 206 days to be detected. Additionally, the average loss due to a data breach is estimated to cause a loss of $ 3.86 million for the company. It is also estimated that by next year, companies will have $ 5 trillion in losses due to these attacks.
It should be noted that 90% of successful attacks occur through email-based attacks, using fraudulent and social engineering techniques.
Human failure makes us more vulnerable
People if we do not act with common sense as we commented before make us more vulnerable to phishing attacks. According to one report, one in two employees opens and reads phishing emails. Furthermore, one in three employees clicks on links or opens attachments in emails of this type. Which we have already commented that should not be done. Another worrying fact is that one in eight employees shares the information requested in phishing emails.
Sectors and departments most vulnerable to these attacks
The top five industries with the highest click-through rates on malicious links in phishing emails are consulting with 63%, apparel and accessories 48%, education with 47%, technology with 40% and conglomerates with a 32.37%. The corporate department with the highest rates of fake link clicks and most vulnerable to phishing attacks were those working in law, auditing or internal control with 59%. Also, closely followed by those who work with acquisitions and administrative matters with 58% and, finally, we have those of quality management or health with 56%.
Most of the sensitive information that these cybercriminals obtain is accessible through the workers of these vulnerable units. This is because these sectors and departments are the ones that have a higher data exchange rate than other types of companies . Therefore, these statistics reveal that certain companies are more inclined to share information because of the way they work and, if the appropriate security measures are not taken, they are more vulnerable to phishing attacks.
