How to Protect Your Organization From Evolving Phishing Attacks

How to Protect Your Organization From Evolving Phishing Attacks

Phishing remains one of the top threats to enterprise IT. According to a recent Akamai report, “Phishing Is No Longer Just Email: It’s Social,” phishing is responsible for as many as 93 percent of security breaches. Email phishing attacks continue to rank highest among attack methods, but criminals are now adopting modern communication and collaboration tools and services as well.


The Evolution of Phishing


Typical phishing attacks are carried out via legitimate-looking emails. The subject lines and content vary, but the messages generally urge the victim to take action to avoid or gain something. Over time, phishing attack trends have changed, and phishing emails often aim to impersonate legitimate brand mailings.


Modern day phishing attacks target a wide range of communication and productivity apps and services. For instance, some attackers utilize popular social networking and cloud-based services, ensnaring victims across devices at work and at home. New attack methods rely on implied trust, where the victim is familiar with the platform and regularly accesses it.


Phishing attack trends now include attacks on popular cloud-based collaboration and file-sharing services. As the Akamai report noted, “Facebook, Slack, Microsoft Teams, Dropbox, Google Docs, and other popular platforms are serving as the criminals’ initial point of penetration into the enterprise.” No service is immune from attack.


Online games are also increasingly being targeted by phishing scams. Fortnite: Battle Royal, a popular cross-platform game, protect organization evolving phishing attacks