Phishing Attacks that Dominated 2018

You know those pesky spam emails that manage to get through filters? Some of them may seem quite normal, just from a random sender. Some tell users to click a link to enter contests or download a necessary security update. However, if these emails usually seem a bit fishy, it’s because they are.Phishing emails are one of the most common and well-known forms of cyberattacks. Even though the majority of tech users are aware of them, far too many people manage to get themselves into a heck of a lot of computer and mobile trouble caused by these emails. According to Barkly, 76% of businesses surveyed say they experienced a phishing attack in 2017. By the end of 2017, the average user was receiving about 16 malicious emails per month. These days, the more common phishing attacks are slipping through the cracks. That’s only because some IT professionals aren’t making their staff aware of them. These are just a few of the most common phishing attacks we saw throughout 2018:

1. SMiShing

Over the past few years, smartphones and other connected devices have not only changed the way we communicate with each other, but have broadened the targets for hackers in a big way. Phishing text messages are very common nowadays. Don't take them lightly, either. Employees who use their mobile devices for company business are now a huge target. When a corrupt link is clicked in a text message, a virus, ransomware, or another form of malware will be deployed, and the information in that mobile device (including photos, contacts, emails and files) will be vulnerable. One mobile breach could mean hours or even days of downtime, especially for an SMB.

2. GDPR-related Emails

 In the months before the EU’s General Data Protection Regulation, hackers were phishing like crazy. They posed as tech giants like Airbnb and delivered emails warning users they wouldn’t be able to access the service if they didn’t change their privacy settings. Users would then log in to a replica website, and their credentials would be stolen by the hackers.

3. Tax Professional Scams

Right after the end of tax season, scammers began sending phishing emails to accountants and other tax professionals. These hackers posed as state accounting associations and tried to obtain the login credentials of tax professionals to the IRA’s website. This gave hackers access to incredibly sensitive data that resulted in drained bank accounts and identity theft. Phishing has been around since the beginning of email. It clearly isn’t going anywhere anytime soon. The best way to stay safe online is to prepare ahead through education and proper data security measures. StorageCraft is the data security pro. We specialize in data backups and storage that make a big difference to small and medium-sized businesses. Contact us today to find out which solution is best for the needs of your company.