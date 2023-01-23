



Image: Getty/ShutterWorx

From the most basic “you won a prize” scams to the most sophisticated espionage campaigns, inbox attacks have been successful time and time again.

There’s a reason cybercriminals and hackers continue to send millions of phishing emails.

Because email still plays an important role in our daily lives, whether we work in the office or remotely from home. Now there’s a place to use the performance enhancement software overlay.

But for most people, email is still necessary to get things done.

Email strengths: Anyone can email you and add attachments of any kind. Email Weaknesses: Anyone can email you and add attachments of any kind. That makes it one of the most powerful productivity tools and a big source of risk.

Most of us are still dealing with email overload (and now all other communication tools are overloaded as well). That means you may be looking at and trying to reply to hundreds of messages every day from colleagues, clients, or business partners.

But how long have you been looking at those emails? Are they really saying they’re from?

Cybercriminals know that we have limited time and that we do not have the opportunity to carefully analyze every message that arrives in our inboxes. This is one of the reasons why phishing is still successful for him.

And they are using it for all kinds of malicious campaigns. Whether it’s tricking you into clicking on fake, persuasive links that ask you to enter your username and password, making an urgent money transfer, or tricking you into downloading malware or ransomware from malicious attachments, phishing is a hacker’s business. It continues to be an effective weapon in cyberattacks. Arsenal.

Some scoff that phishing emails are still an effective attack tool. Sometimes they openly blame the victim for opening the spam email and following the instructions, but it’s wrong to blame the victim.

Also: What is Phishing? Everything You Need to Know to Protect Against Fraudulent Emails – Worse

First and foremost, when antivirus software and spam filters are used and implemented correctly, malicious emails are much less likely to reach corporate inboxes in most cases. First of all, it’s a technical problem, not a people problem.

But what’s more, it becomes very difficult to process spam emails and separate them from everything else that reaches your inbox. Especially when, for many of us, many of these emails are related to office administrators and cybercriminals know about it.

According to security awareness and phishing training provider KnowBe4, some of the most popular subject lines in phishing emails last year included IT software updates, messages from HR about performance, and links for managers to join. It relates to the message you claim to have sent. at the meeting.

Many of us are used to seeing and clicking on emails like this every day. Because if you get an email saying your boss sent you about an unexpected meeting, they are part of our job. Panic, so click through.

Then, a message claiming to be about software updates and security patches, in this case users ironically did what they were asked to do to help protect their computer from cyberattacks. I’m just trying to do the right thing by thinking that there is. Instead, by mistake he encourages one.

Also: Hackers at Google: Inside the Cybersecurity Red Team that Keeps Google Safe

However, while it is very possible to provide phishing training to your employees, it has to be effective. But so are “gotcha” style phishing tests, where fake phishing emails seem designed to be indistinguishable from the real emails victims send every day.

Phishing attacks are unlikely to be completely stopped, at least not anytime soon, but there are steps you can take to ensure that organizations and individuals are as protected as possible from phishing attacks.

For starters, if you’re not sure about something, don’t click right away if the email claims to be from a colleague. Please use a channel other than email to ask if it was sent. If the email has a problem with your account and needs to be dealt with urgently, please do not click on the link in the email and log into your account via the official URL if you have any issues.

In addition to this, using multi-factor authentication (MFA) can go a long way in preventing usernames and passwords for both corporate and personal accounts from being stolen, but it’s not entirely foolproof against determined attackers. It does not mean.

Phishing attacks prey on human nature, preying on our hopes and fears. And they’re unlikely to go away until we find an alternative to email itself.

ZDNET Monday Opener

ZDNet’s Monday Opener is the first technology article of the week written by a member of our editorial team.

Previously at ZDNET’s Monday opener:

