We all know the emails: “Dear user, please click the following link to update your payment information. Otherwise your account will be disabled.” And while many of those emails look legitimate at first glance, it’s always worth taking a closer look, because more often than not emails like the above are phishing attempts. Personally, i cannot count how often I’ve ignored emails pretending to be from PayPal, Amazon and the like, but millions of people fall for these kinds of phishing attempts, especially people who haven’t grown up using the internet.
Phishing is among the most common cyber-attacks, targeting both individuals and companies. According to Verizon’s 2019 Data Breach Investigations Report, roughly one third of successful data breaches involved phishing activity, and phishing was instrumental to 78 percent of cyber-espionage incidents and the installation of backdoors to networks.
In recent years, phishing mails have become a lot more sophisticated and some of them are really hard to distinguish from legitimate mails. In many cases, such attacks involve the attacker imitating a well-known company/brand, a practice commonly known as “brand phishing”. According to a recent report from Check Point Research, technology companies appear most often in fraudulent emails, with Google, Amazon and WhatsApp topping the list of most impersonated brands.