How Successful Are Email Scams?
The internet, or the World Wide Web to call it by its old name, is undoubtedly one of our most sophisticated inventions as a society.
As far as that question is concerned, there is no doubt that it ranks up there with hallmark human inventions such as; fire, electricity, plumbing, industrial machines, and modern medicine. After all, we are in the Information Age now.
To reap the full benefits of the internet, a complete infrastructure and technological ecosystem are required.
Thankfully, today we have the scientists and engineers that we’re able to lay these foundations and continue doing so.
In the last two decades or so, we have learned to harness the power of the internet to a much greater extent, which means we can put it to good use to benefit our daily lives, not to mention educate and entertain us thoroughly.
Thanks to the internet, we now have an almost instantaneous connection with our friends and families via social media and social networking sites.
We can also conduct our financial, medical, and shopping transactions online without setting foot outside the door.
Furthermore, you can find a world of entertainment on the internet. Additionally, smartphones and smart devices have taken this endeavour further into the mobile on-the-go realm.
And so, we now find ourselves to be a digitally transformed society that heavily relies upon and is in a symbiotic relationship with the internet.
But, and this is a big but, this is a double-edged sword conundrum. The great and beautiful rose will have very sharp thorns, to call it another way.
That is to say; as impressive as the internet has been for us and pushed society forward at warp speed into the horizons of the future, there is a dark side to it.
We also have much trouble with it, and it affects all of us because of the amount of danger in that realm. For example, things like email scams are still a top threat to everyone using the internet.
So, onto the dark side. The negative side of the glorious fact that we have connected up society in a patchwork of millions of miles of cabling is the risk of scams, cybercrime, and malicious threat actors.
Crime is now invested fully into the digital realm.
Trillions of dollars of damage have been caused by such malicious parties, and trillions more have been caused because we are simply rushing too quickly to monetise everything without thinking enough about security, training, and best practice when it comes to information security.
What is an Email Scam?
Speaking of internet dangers, only three main ones cause the most damage combined.
The first two are caused by external threats or those caused by dangerous, sneaky software that infects data from outside the company.
The third, human error, is an internal threat resulting from human mistakes like misconfigurations or weak password and data/network security, a.k.a a low level of personal cybersecurity knowledge.
The three main dangers are; email phishing scams, ransomware, and human error.
When it comes to phishing emails, these are a combination of external and internal threats.
Phishing is the most common scam cybercriminals like to engage in because this type of scam reaps immediate rewards, is very simple to orchestrate, and requires almost zero financial resources and workforce to do.
Phishing gets its name from what it sounds similar to fishing. The process is very straightforward; malicious individual crafts an email designed to ‘fish’ for ‘victims’ by using email as a ‘bait’ to lure them into a trap.
When the recipient of a phishing email opens the email that usually urges them to respond, input their details or click on a fraudulent link, the process has already begun.
Credentials, banking details, and other sensitive information are given over to cybercriminals, who usually mercilessly relieve the targets of their bank account and disappear.
Phishing is like the common cold in cybersecurity circles. This scam is not going away, and threat actors are constantly modifying their tactics so that spam filters and flagging systems miss their criminal attempts.
How Successful Are Email Scams?
The statistics about email phishing scams are staggering. In 2020, over 70% of all organisations experienced a phishing attack.
Over 95% of these attacks arrive via email that contains the subject; urgent, payment required, a request, or some attention.
Phishing attacks have led to the loss of billions of dollars and enormous damages to millions of victims and thousands of organisations worldwide.
Statistics also show that this is the most common form of cybercrime and is increasing in frequency every year. There are well over 2 million phishing websites active, too.
Unfortunately, over 70% of phishing attacks are successful, especially in large developed nations like the United States.
Over 60% of organisations have lost data, 50% or more have had compromised accounts or credentials, and likewise, many were infected with ransomware, malware and naturally incurred financial losses.
Security companies estimate that almost $20k is lost every minute by businesses worldwide due to phishing attacks.
Perhaps the worst statistic is that an average data breach to a business caused by phishing results in an average loss of over $4.5 million.
What Can Be Done To Limit Phishing Attacks?
First of all, it is impossible to stop 100% of phishing attacks that arrive by email.
This is because there are too many people out there with low-level cybersecurity knowledge, e.g. phishers will target online older people.
Secondly, very few people have protected their computer systems, smartphones, and email services with the proper tools and options.
First and foremost, what can help most is spreading awareness about phishing, which countless institutions and organisations do every day via anti-phishing websites.
Secondly, simply checking where emails are sent from can usually reveal a scam because there will be inconsistencies either in the URL the mail is sent from or the content of the email itself.