Phishing - What is It and Why is it a Potential Threat to Your Business?
What is Phishing?
Phishing is an attempt, by criminals who pose as a legitimate source, to lure individuals into providing sensitive information. These criminals target individuals by email, telephone, or text message in hopes of gathering personally identifiable information, such as banking and credit card details and passwords. These attempts come in many different forms with attackers masquerading as a trusted entity of some kind, often a real or plausibly real person, or a company the victim might do business with. Messages will try to trick victims into clicking a link that asks for login credentials or downloading an attachment that installs malware onto the victim's device.
Phishing is an example of social engineering which is a collection of techniques that scam artists use to manipulate human psychology. Social engineering techniques include forgery, misdirection and lying – all of which can play a part in phishing attacks. On a basic level, phishing emails use social engineering to encourage users to act without thinking things through.
Why is Phishing a Problem?
Phishing emails is easy, cheap, and effective for cybercriminals. It is easy for cybercriminals to get ahold of email addresses and it's virtually free to send emails. With very little effort and next-to-no cost, attackers can quickly gain access to valuable data.
When someone falls prey to a phishing scam, they may end up with malware infections (including ransomware), identity theft and data loss. The data that cybercriminals target includes personal information – like financial account data, credit card numbers and tax and medical records – as well as sensitive business data, such as customer names and contact information, proprietary product secrets and confidential communications.
Cybercriminals also use phishing attacks to gain access to email, social media, and other accounts or to obtain permissions to modify and compromise connected systems, like point-of-sale terminals and order processing systems.
Have questions or want more information about phishing and how to prevent your business to falling prey to these techniques? Contact us here.