Phishing attacks is a very common phenomenon. We have talked about them many times. But why they are still so effective, while we know so much about them, and it is always stressed that it must be done education employees;
The Phishing emails they are usually used to carry out other, larger attacks. They usually make up first stage of attacks and data breaches. The hacking teams behind these attacks are still developing new strategiesto make them even more effective.
In a speech at the conference Black Hat 2019, her security researcher Google, Elie Bursztein, and University of Florida professor Daniela Oliveira analyzed why these social engineering attacks still cause so many problems even though they are used by them hackers for decades.
Gmail blocks more than 100 millions of phishing emails every day. According to Google, the worry is that the 68% of these emails, blocked by Gmail everyday, it is new variations.
Lots of phishing attacks targeting its end users gmail and business customers, they only attack a few dozen people. Business employees are the most basic target of hackers. They are five times more likely to be a phishing attack than ordinary users. As regards education officials, they are twice as likely to be victims hacking, government employees three times and nonprofits 3,8 times, compared to ordinary users.
Typically, bulk phishing campaigns last about 13 hours. However, the more targeted attacks are even shorter. They can only last 7 minutes. Google calls these attacks "boutique campaign»And usually target a small number of employees in a company.
In half of the phishing campaigns, email is supposed to come from the email exchange service, and a quarter claim to come from a cloud service provider. In other cases, it says it comes from one company financial services or from an e-commerce site.
Google has found that 45% of internet users don't understand exactly what phishing is and how dangerous it can be for data their.
Hackers usually use it psychological trick. They talk about an emergency or try to cause fear to force users to click maliciously attachments. Failure of users to realize that there is a threat is the most important problem. "This lack of knowledge increases the risk of being the victim of a phishing attack," Google warned.