What Is Phishing?
Phishing is when cybercriminals try to gain access to sensitive information or files on your device by luring you into opening infected links in e-mails or text messages.
In a study from 2020 regarding Danish people’s information security, 46% of the surveyed public employees stated that they have been victims of phishing attempts. In another study, the surveyed were employees from private companies, and this time the figure was as high as 79%. It goes to show, that phishing is one of the most used methods of cybercrime. In a threat assessment from June 2021, the Center of Cyber Security wrote that most cyberattacks begin with a phishing email. With the phishing emails the cybercriminals try to exploit the human factor.
The typical signs of phishing emails:
- The email encourages quick action to make you make rush decisions.
- The email contains a prize or offer, that is too good to be true.
- The sender will often imitate a legitimate email address from a trustworthy sender but will deviate slightly from the correct address.
- The email will try to convince you to click on a suspicious link or open an attached file.
- The email will ask you to type in sensitive or confidential information, e.g. passwords or credit card information.
- The text is poorly worded and contains spelling mistakes.
What Does Phishing Mean?
Did you know, that the word phishing originates from 1950’s America? Back then, the early hackers used methods to avoid paying for long-distance phone calls on the telephone network. They were called ‘phreaks’ as a combination of ‘phone’ and ‘freaks’. Later, when emails were invented and the hackers tried to ‘fish’ information out of people, the word phishing emerged. The method is compared to fishing because hackers also ‘throw out a large net’ by sending out many emails to different addresses hoping that someone ‘bites the hook’ and clicks on the infected link.
How Does Phishing Happen?
Attempts of phishing happen when you receive an email with an infected link. If you click on the link it can have fatal consequences for the IT security. Some phishing attempts can be hard to see through so it is important that you are very attentive before you click on any links. How to avoid phishing is one of the subjects that you learn about in our e-learning about IT security. You can book a demo and see if the course is suitable for you and your employees.
What Should I Do If I'm a Victim of Phishing?
If you have experienced phishing on your work computer you should immediately contact your workplace’s IT administrator. If you have experienced phishing on your private computer and if credit card details, NemID information, information about your net bank or other sensitive information has been lured out of you, you must immediately report it to the police.
What Is Smishing?
You can also be a victim of phishing attempt via text messages – hence the name smishing. It is text messages that contain infected links, that cybercriminals want you to click on. Maybe you have experienced receiving a text message regarding a parcel you do not recall buying? Cybercriminals often take advantage of e.g. the holiday season, where many people order packages online, to attempt fishing sensitive information out of people and making them click infected links.