Sadly, hackers have become relentless when it comes to targeted phishing attacks. Since the outbreak of COVID-19, many of us have been put under financial strain. Unfortunately, some individuals are willing to do anything to get paid, even if it means stealing.
We confidently state that phishing attacks are becoming worse, as well as more frequent. By 2022, the FBI’s Internet Crime Complaint Centre had recorded more phishing scams than any other type of cybercrime. Moreover, it has been one of the oldest cyber threats that individuals and businesses alike face. Therefore, one can argue that it is important for individuals and companies to understand phishing attacks.
Besides, educating yourself on how to avoid (or prevent) phishing attacks from happening, we assume that you like to keep yourself updated on cybersecurity news. So, it makes sense for you to keep reading and learn about the most common phishing attacks in 2022. We will also give you a few tips on how to stay safe online.
What Are Phishing Attacks?
Phishing is the fraudulent attempt to obtain sensitive data or personally identifiable information (PII) online, such as passwords and credit card numbers, by impersonating a trustworthy organization. In sum, phishing attacks implement and utilize social engineering, i.e., messages, emails, even Facebook messenger. Social engineering is a way to extract information voluntarily by tricking the individual into clicking on a link. Generally, phishing attacks will come via email or message.
For instance, many people have fallen victim to the Amazon scam. People would receive a text saying that they owe for Amazon Prime and lure them into clicking said link by threatening with legal prosecution. On the other hand, some phishing attacks come to disguise themselves as a reward, i.e., click this link to receive your “X Y Z.”
Other well-known tricks include pretending to be from your bank, PayPal, your internet hosting provider, someone pretending to order goods – or someone sending you a random false invoice.
We’re going to hazard a guess and say that your familiar with this lure. Sadly, the advent of technology makes it easier for hackers to be more convincing. There are software and technology that can mirror a company’s font, logo, anything. Although, it’s really easy to spot a phishing email once you know how to identify them.
Scammers also often take advantage of health crisis to implement phishing scams, and the COVID-19 pandemic has been the perfect scenario for them. There are several attacks, luring people into clicking on harmful links or attachments in emails, text messages or social media posts. Some of the most common COVID-19 related phishing scams come in the form of fabricated news from health organizations (e.g., CDC and the World Health Organization), fake updates from employers about social distancing measures, malicious websites containing maps and infographics, fake charities and even false vaccination reports.
Besides, a recent research by Check Point, a web security firm, found out that more than 1,700 Zoom-related domains were registered during the early months of the outbreak, and 4% of them were suspicious or possibly malicious. Hackers are using these domains to create fake Zoom meeting notifications and COVID-19 related email alerts. Users that respond to these alerts become vulnerable targets and compromise their data security.
What Happens After a Phishing Attack?
If you’re unfortunate enough to click on the link, and you do not have a VPN on your devices, then you’re giving a hacker access to things such as:
- Social media accounts
- Financial information (including card details)
As mentioned earlier, phishing attacks have become common. Now, this could be due to COVID-19; people are struggling. For example, we are more likely to click on a link with a $50 reward. People are struggling on a global basis; some countries are still behind with the COVID-19 measures. For instance, the United Kingdom is still in a national lockdown, and parts of Europe look like they are heading for more lockdown measures, which means that many people are out of work.
So, if you’re going to be glued to your phone, then you need to ensure that you have the appropriate level of protection. Namely, investing in a VPN like CyberGhost VPN. In a sense, when you go online, especially in public networks (or open networks), without protection, you are exposing yourself to viruses, malware, trackers, and cybercriminals.
Virtual private networks are network connections that provide secure browsing, privacy and anonymity by creating encrypted virtual tunnels to different servers, using protocols like OpenVPN or WireGuard. This enables secure connections to another location to protect the user’s IP address.
We have highlighted that phishing attacks are extremely frequent. Besides, APWG’s report: Phishing Activity Trends Report for Q3 2022 demonstrated a significant rise in phishing attacks since COVID-19. Moreover, CompareItTech gives a summary of this report and mentions that phishing attacks peaked at 201,591 unique phishing sites.
Now, that’s a lot of danger, and this information is only from one report. More and more companies are falling victim to these types of attacks. Therefore, it makes logical sense to protect yourself when you are online using a virtual private network. It is worth noting that since COVID-19, there are over 4,000 daily attacks. Globally, we have seen a 25% increase in these types of attacks.
Furthermore, Tessian noted that 22% of cyberattacks originate from phishing attacks, and a recent report by Kaspersky Lab revealed that over 90% of data breaches are the result of human error. Sadly, hackers constantly change the way they extract information. They follow trends closely, send out “shout out texts,” rewards, and prey on people’s financial vulnerability. Although you might employ spam filters, these will not capture or prevent all of them from reaching your inbox.
Have you noticed the dramatic difference in your junk file? Well, if they’ve made it to your junk folder, then chances are they will shortly hack your email account. Whereas if you leverage a reliable Virtual Private Network, you are less likely to lose your email account to a hacker.