Most Effective Phishing Tactics Revealed by Bob's Business Analysis

News provided by

Bob’s Business

29 Jan, 2020, 11:13 GMT

BARNSLEY, England, Jan. 29, 2020 /PRNewswire/ -- Bob's Business has today released the findings of their analysis of over 67,000 phishing emails, revealing the phishing tactics which are successful 94% of the time.

Their analysis found that phishing success rates could hit 94% when the email posed as an internal source and included a danger. An internal source may be an organisation's IT team, whilst a danger could be the loss of an account if an action is not taken.

Conversely, phishing emails that posed as external sources and utilised a benefit were successful only 37% of the time. External sources are organisations like Amazon and GCHQ, whilst a benefit might be a free gift card or a tax rebate.

The analysis, published in a blog post, was conducted on data from simulated phishing attacks on businesses and organisations. It reveals the efficacy of various types of phishing emails in a bid to understand the psychological phenomena behind phishing attacks.

Phishing attacks are used by cybercriminals to gain access to accounts and systems, typically to inflict financial and reputational damage. Designed to look credible, phishing emails are traps to encourage unwitting participants into giving up private information.

Given that it only takes one successfully phished employee to compromise the cyber security of an entire company, these results highlight the credible and persistent dangers facing organisations of any size.

Melanie Oldham, CEO of Bob's Business, commented:

"Phishing attacks are perhaps the most pressing cyber security issue facing any organisation. Technological solutions can form part of the solution, but not all of it. Human error must also be addressed as part of any serious cyber security awareness effort.

"Analysing what makes a phishing attack successful and attempting to ascertain the psychological factors at play is vital to creating effective phishing awareness training and adjusting workforce behaviour."

To avoid falling victim to a phishing attack, Melanie Oldham recommends:

Should:

  • Pay close attention to the address that sent the email, looking for oddities
  • Hover over links before clicking them to check their legitimacy
  • Closely scrutinise email content for red flags including spelling errors, suspicious visuals and language designed to make the user act impulsively
  • Report any suspicious emails
  • Regularly training employees to spot and avoid phishing attempts
  • Be extra vigilant of emails which appear to come from an internal source and suggest a 'danger' to inaction

Shouldn't:

  • Click a link or download an attachment on any emails from suspicious senders
  • Give away any personal information to a sender deemed suspicious

Additional resources

Methodology

Bob's Business' analysis includes 67,000 users over a 12-year period and found that more than 18,000 (26.8%) individuals opened phishing emails. Of these 18,000, over 10,000 (15.2%) were successfully phished. All statistics are pulled from the 18,000 individuals who opened the phishing emails.

About Bob's Business

Bob's Business was launched in 2007 as a provider of phishing simulation and phishing awareness training courses for organisations of all sizes, with a focus on reducing human error - the leading cause of breaches.

Priced competitively and with a unique approach to content, which foregrounds animations and jargon-free language to teach staff how to safeguard the organisations they work for, Bob's Business has grown to become a major player in the industry.

They offer cyber security courses, simulated phishing campaigns and GDPR compliance training to help organisations achieve compliance standards such as ISO 27001.

Registered Address: Digital Media Centre, County Way, Barnsley, S70 2JW
Contact Number: +44-(0)-330-0583009
Email for Contact: marketing@bobsbusiness.co.uk
Company No: 06341794