Phishing has been described as the ultimate form of social engineering attack, because it gives the hacker the ability to target multiple users at the same time.
It involves sending out an innocent looking email or text, but, although they may look like they come from a trusted source, they contain malware instead. Once somebody opens the email or clicks the link, the malicious software downloads on their computer or device, and the cybercriminal has access to their system.
It is a growing problem. Research in 2021 found that the average employee receives around 14 malicious emails a year, with those working in sectors like retail particularly susceptible. And studies indicate that in 86% of organisations surveyed, at least one person clicked on a phishing link.
And the cost of such attacks is staggering. It is estimated that ransomware – a type of malware that threatens to either publish a victim’s personal data or perpetually block their access to it unless a ransom is paid – will cost global businesses US $20 billion in 2021,
That is a four-fold increase from 2017, and the problem is only getting worse, with some experts predicting that, by the end of 2031, the price tag could have ballooned to US $265 billion annually.
Phishing will continue for as long as there is money to be made from it. However, whilst stopping it happening in the first place s a broader societal problem, there are steps that individuals can take to minimise their chances of falling victim to such an attack.
In the first place only open an email from a trusted source or visit the website of a reputable provider. Indication that an email may be suspect is if it contains suspect grammar or punctuation, or indicates an illogical flow of content. Professional gaming and entertainment companies pay experienced copywriters a great deal of money to ensure that such mistakes are not made.
Anything that asks for personal information should be avoided at all costs. An established brand will never ask for sensitive information by email. Any messages that asks people to enter bank account details or credit card information should be an immediate red flag.
Another type of email that should be treated with the utmost scepticism is one claiming that the recipient has won a large sum of money, or is entitled to a large cash discount. The intent behind such messages is to direct users to a site where scammers can get hold of their personal information.
Compare that to emails from reputable online casinos outlining their promotions. Casino bonuses from casinobest.in is a good example. They make it clear that such promotions are subject to strict terms and conditions and will only be for a limited time only usually.
Such gaming and online casino sites will also use SSL (Secure Socket Layer) technology to ensure safe, encrypted transmission of data over the internet. This technology is also used by the major banks and financial institutions because of the level of security it provides.
A golden rule is never to give out sensitive information – including passwords and the answer to security questions – unless a site’s SSL credentials have been verified first (these will normally be displayed in the home page somewhere).