Phishing is a crime using the Internet or email that involves a fraudulent attempt to obtain private data, such as usernames, passwords or bank details.
Cybercriminals will use email, text or telephone contact to attempt to elicit such data. They will only be successful if they trick the recipient into trusting that contact. For this reason, phishing attempts often involve spoofed emails purporting to be from legitimate and trusted institutions such as an employer, bank or service provider.
Phishing attacks can lead to identity theft, data breaches and financial losses.
The best way to guard against phishing is not to accept messages at face value or immediately click on links. Check to verify who is making contact with you and stay vigilant. Over email, this means checking the address of the sender against other correspondence from the same source. If an email offers a hyperlink, then check the text of it for variations before following the link. Phishing emails often create a sense of urgency, so exercise scepticism when something hits your inbox that demands your immediate attention.
Unfortunately, phishing attacks are on the rise and have accelerated during the COVID pandemic. Statistics indicate that over 86% of organisations will face a phishing attack during any given year which is worrying given phishing is one of the primary causes of data breaches.
The most famous recent example of a successful phishing attack was the hacking of John Podesta’s Gmail, chair of Hilary Clinton’s presidential 2016 campaign. The spoofed email he interacted with gave a Russian cyber spying group access to confidential information which has since been published by WikiLeaks.
At Secured Communications, we never ask for details via email or over the phone, which is one way we guard against phishing. Communications on Mercury also all take place within a closed ecosystem, between Secured Contacts. Secured Contacts are verified user profiles, which means that there is no risk of hijacking from spoofed profiles.