Phishing emails (Phishing emails) ήταν το πρώτο στάδιο μερικών από τα μεγαλύτερα hacks και διαρροές δεδομένων στο Internet, recent years.
After all, the teams behind these attacks continue to develop new deception techniques.
In a speech at the Black Hat 2019 security conference, Google security researcher Elie Bursztein and University of Florida professor Daniela Oliveira analyzed why these social engineering attacks remain effective, even though they have been known for decades.
Gmail blocks more than 100 million phishing emails every day, and Google reports that 68% of these messages phishing attacks blocked by Gmail are new variants.
The company reports that many of the campaigns targeting Gmail end users are targeted at just a few dozen people. Business users are almost five times more likely to receive phishing emails than regular Gmail users.
Users of educational services are twice as likely, government officials are three times more likely, and nonprofit executives are 3,8 times more likely to receive phishing than the average user.
Although mass phishing campaigns only last for 13 hours, more focused attacks are much shorter – what Google describes as a 'boutique campaign'. It is addressed to a few people in a company and lasts only seven minutes.
In half of the phishing campaigns the email seems to come from the email provider, while in a quarter of them it claims to come from a cloud service provider.
The others usually appear to come from financial services emails or an e-commerce site.
Google found that 45% of Internet users do not understand what exactly is phishing or the risks associated with it.
As phishing groups are now much more adept at using psychology to trick us into clicking, the ignorance of some users to realize the magnitude of the threat is a very important problem.
"This lack of awareness increases the risk of repression and potentially hinders the adoption of 2-step verification." he says Google.
_______________________
- Google Phishing Quiz Do you recognize phishing emails?
- Phishing: how it stops with mechanical learning