After spending time with family and friends over the holidays and talking with them about the good, the bad and the ugly of 2017, one interesting development became clear – phishing emails of all types are ubiquitous. Whether it was the younger kids, their parents, or even their grandparents, almost every person I talked to had some negative experiences this past year with one form of a phishing scam or another.
Almost all of the older adult family members discussed experiences that ranged from someone impersonating their online shopping vendors with fake orders, to bogus package delivery service claims, to password resets that they never asked for, to phony security alerts that demanded immediate attention. Even the younger family members had issues with unique phishing attacks on their social media channels like Facebook and Instagram. Some mentioned how they were beginning to see it more and more, even with texts messages. For all the value and advances that technology brings to us, this could be the one thing that finally undermines all the benefits.
It doesn’t matter how old you are—everyone is becoming a victim of this dangerous form of cybercrime. To make matters worse, criminals are continually growing more sophisticated, and their techniques are evolving in unimaginable ways in order to steal your data and profit from it. The bad guys are investing countless hours and financial resources on research and development, figuring out the latest and great ways to break into your accounts, access your data, and then sell it on the black market or use it to commit fraud. The trend is only expected to gain momentum in 2018.
Combating Phishing Emails
Can’t we fight these advances using better technology from the many security vendors and suppliers in the market? The most disconcerting part of all this is that even they are having trouble keeping up. The volume, variety, and velocity of phishing scams are evolving so quickly that we need to constantly be updating and patching our systems. Even then, traditional security products such as antivirus and antispam software can’t catch everything. While they can detect some known threats, they will not be able to detect unknown threats and targeted emails attacks like spear phishing.
In addition, security software has to strike a difficult balance between blocking dangerous emails and letting legitimate ones through. The only way to prevent all spam emails from hitting inboxes would be to risk blocking too many and holding up important communication. And in a world that relies on email as a critical form of communication, that’s simply not a viable option. Email blockers, like all technology, have their limitations.
As it turns out, the only real way to protect against phishing scams is to ensure that you know how to defend yourself. What’s more, it’s in your best interest to impart this knowledge to others—all it takes for your personal data to get exposed is one family member or work colleague who clinks a bad link. It is important for everyone connected to you to recognize that our connected roles grant us—and potential hackers—access not just to our own data but to others’ as well. Data is power—we all need to know how to protect it.
Phishing emails are increasing in complexity and have become an unavoidable threat that now permeates our online activities. So do yourself, your family, and your business colleagues a great service and get properly educated on how to handle them properly. The only way to truly stop phishing attacks is to become knowledgeable about how to recognize, avoid and report suspicious emails.
What Can You Do?
GLS knows that your employees’ cybersecurity awareness should not stop when they leave the office at the end of a workday. The principles they learn as part of their training at work should be extended to protecting personal data so that good habits are practiced 24×7 to reinforce positive behaviors and prevent phishing attempts.
As part of our Human Firewall 2.0 program, Global Learning Systems offers courses for prevention of online scams in: