Phishing scams are among the top two malicious cyber activities being conducted on the internet. The first, and by far the most nefarious, is ransomware attacks. Phishing, however, is much less dangerous to human life and critical systems directly, but is very good at harvesting credentials and duping naive victims. There is a very logical and simple explanation as to why this happens, which is also why phishing has persisted for decades now and is still able to affect millions of people across the world with ease. Although phishing is technically a scam and is not a direct “hack” from an external hacker, it is certainly much more profitable and popular with cybercriminals because of the low amount of effort involved, as well as the option for automation. Of course, the width of options that phishing provides makes it a cybercriminal favorite. Something extremely nasty like a ransomware attack requires professional cybercriminal operations that cost time and money, and these types of attacks are usually targeted at specific organizations or governments, whereas anyone can “phish” these days with the help of openly available software and instructions.
Adding to that, the statistics on phishing are staggering, for such an innocuous-sounding activity. It is estimated that almost 80% of organizations around the world experience phishing attacks every year, ranging from between 11-50 attacks on average. 96% of these attacks arrive via email, the favorite attack…
