(2 min read)
This could be a short blog. Phishing scams are successful because they work.
But that’s no use to you. Today, we hear about phishing scams all the time. Our community noticeboards and WhatsApp groups are full of warnings about the latest email, message or text scams, so you’d think that we’d be well aware of what to look out for, wouldn’t you?
We’re clever: phishers are smarter
We’re certainly getting better at spotting a scam. Some of us may even ignore genuine emails and messages ‘just to be on the safe side’.
But phishers are smart and the way they contact you and ask for information gets smarter and more believable every time. So much so, that even giant companies are still falling foul of their scams.
They rely on you being too busy to check properly – until it’s too late.
In fact, US cyber security company Tessian conducted a recent survey that found 43% of respondents had made a mistake at work that had cyber security repercussions. 47% of people working in the tech industry – where you might assume there would be more awareness – had clicked on a phishing email at work.
Phishers take advantage of weakness
It’s no coincidence that phishing scams have increased since the start of the COVID pandemic in 2020.
Hackers are playing on a number of weaknesses. First, they understand that we’re more likely to look at something that makes us curious or worried about losing money, or just losing out on something. Phishing emails are designed to get us to click!
Secondly, people are working from home, so their systems and connections are less protected than in the office. There’s no-one from IT or security in the office round the corner reminding you to be careful.
Third, people have been stressed, distracted and, in lots of cases, ill. Home schooling, worries about vulnerable parents or family members, living alone with little social contact – these are all reasons why we may not check things as thoroughly as we should.
And finally, the pandemic has brought with it new support schemes – from governments and banks and funders. And whilst these support packages are genuine, they are unfamiliar to business owners. And so it’s been easy for hackers to pretend to be a source of support while actually being a source of financial nightmares.
Time to fight back?
No-one should ever feel stupid for falling for a phishing scam. It’s all too easy to mistake a scam for something sincere.
So instead of blame, get ahead of the game. Phishers use behavioural psychology to scam you. So use it to fight back.
That’s what our cyber awareness training is all about – using behavioural science to adapt behaviours and actions so people can spot scams when they arrive and deal with them effectively.
You can find out more about Psybersafe’s easy, behaviour-changing online training by watching our cyber training video.