If you’re a switched-on email user, you’ll probably have heard of phishing. This is when a cybercriminal sends you a message that looks as if it comes from a trusted source, such as a bank or online store, prompting you to click a link or download a file. The aim is to gain access to your sensitive data. Phishing scams can look very convincing, and there are always some people who fall for them. However, there are usually warning signs – if you’re in doubt, this list of social engineering red flags is very useful.
During the pandemic, one particular type of phishing has really boomed: dynamite phishing. According to email security provider GreatHorn, the number of these attacks increased by a whopping 947% between May 2020 and April 2021. What is dynamite phishing exactly, and why is it so popular?
The key to understanding why particular strategies are so popular among cybercriminals is their use of psychology. In order for a phishing attack to succeed, the target – a human being – has to be fooled into believing it’s real. And that’s more likely to happen if the subject of the email is something that creates a sense of urgency. That’s why so many phishing attempts concentrate on worrying scenarios, such as a mysterious message from your bank or an important update about the COVID-19 pandemic. Another popular approach is to promise you something enticing, like a big discount or a time-limited bargain. And with so many of us shopping online, fake “track your parcel” messages are a real favourite, too.
Dynamite phishing works on the same principle. Scammers send emails containing links to adult content, fake hookup sites, or a “direct message” from someone looking for company. Sometimes they promise a video or photo so shocking, you won’t believe your eyes. These cybercriminals often select their targets by picking male names from a company directory or mailing list. Their hope is that the promised material will be so appealing that it will temporarily short-circuit the recipient’s common sense. It’ll fool them into logging into a fake site or opening an attachment that will install malware on their computer. Sadly, this sometimes works!
Protecting your data
When it comes to dynamite phishing, the weakest point in your organisation is human curiosity. While spam filters can catch a lot of phishing emails, they can’t prevent someone from clicking a link or downloading a file. The only way to keep your business safe is to ensure that all your team members are aware of the problem, and to keep them updated as new threats emerge. You also need to use strong security software and install updates as they are issued. In this way, if someone does download malware, there’s a good chance that it will be dealt with before it can do any damage.
A reliable IT support partner is your ultimate weapon in the fight against phishing. At Perigon One, we have extensive expertise in creating custom cybersecurity software and training solutions. Just get in touch for a chat about your business’s needs.