The phenomenon related to e-mail di phishing It’s certainly nothing new. For years and years, in fact, i cybercriminali they send a huge amount of email trying to mislead less attentive users. According to the numbers, however, this type of phenomenon is becoming increasingly dangerous.
According to Fortinet 2023 Global Ransomware Reportphishing is the main tactic (56% of cases) used by bad actors to spread ransomware. While cybercriminals always attempt to craft legitimate-looking phishing communications, some excel at this more than others. The introduction of theArtificial intelligence and the increasingly refined techniques of social engineeringin this sense, play in favor of cyber criminals.
According to some recent tests by Cybersecurity and Infrastructure Security Agencyl’80% of organizations have recorded at least one employee falling victim to a simulated phishing attempt.
Since most ransomware is spread via phishing, the training (both in the corporate and domestic context) is essential for an adequate defense strategy. With new attacks and strategies appearing one after the other, staying informed is now almost a must for everyone.
Stop phishing emails: practices to protect yourself from these threats
Training alone is not enough. In fact, there are various behaviors which, added together, allow risks to be reduced to almost zero.
Having a prudent approach towards suspicious emails, for example, is a good place to start. The senderfor example, can already provide a minimum of information on the veracity or otherwise of the email.
On the social engineering side, it must be taken into account that cybercriminals often leverageurgency, to reduce the lucidity of the potential victim. In case of a suspected phishing email, therefore, it is good keep calm and analyze the situation without panicking.
When you come to a site via link from e-mail, then, it is a good idea to carefully check the URL, taking into account that, on a graphic level, cyber criminals may have reconstructed a website making it appear for what it is not.
More generally, use tools like a cyber defense suite o one antivirusthey can be an additional defensive level that should not be underestimated.