Phishing attacks continue to play a dominant role in the digital threat landscape. In its 2021 Data Breach Investigations Report (DBIR), Verizon Enterprise found phishing to be one of the most prevalent action varieties for the data breaches it analyzed. Its researchers specifically observed phishing in more than a third (36%) of breaches. That’s up from 22% a year earlier.

Digital fraudsters show no signs of slowing down their phishing activity for the rest of the year, either. Help Net Security revealed that the volume of phishing attacks increased 22% compared to H1 2020. Of those campaigns, approximately half of them leveraged Office 365 as a lure and targeted accounts used for Single Sign On (SSO) at 51% and 45%, respectively.

The rise of phishing attacks poses a significant threat to organizations everywhere. It’s important that all companies know how to spot some of the most common phishing scams if they are to protect their corporate information. It’s also crucial that they are familiar with some of the most common types of techniques that malicious actors use to pull off these scams.

Towards that end, let’s discuss six of the most common types of phishing attacks and highlight some tips that organizations can use to defend themselves.

1. Deceptive Phishing

Deceptive Phishing

Deceptive phishing is the most common type of phishing scam. In this ploy, fraudsters impersonate a legitimate company to steal people’s personal data or login credentials. Those emails use threats and a sense of urgency to scare users into doing what the attackers want.

Techniques Used in Deceptive Phishing

Vade Secure highlighted some of most common techniques used in deceptive phishing attacks. These are as follows:

  • Legitimate links – Many attackers attempt to evade detection from email filters by incorporating legitimate links into their deceptive phishing emails. They could do (Read more...)