Phishing Basics
What is the most common form of cybercrime?
What is Phishing
What is one common red flag in phishing emails?
What is The email originates from an external sender address.
What percentage of all data breaches involve phishing?
What is Around 36%
What is the first step you should take when you receive an email from an unknown sender?
What is Verify the sender's details
What is the most common goal of phishing attacks?
What is To steal sensitive information, such as login credentials or credit card numbers.
What is the term for phishing attempts made through text messages?
What is Smishing
What does an external banner in an email indicate?
What is It's a warning to slow down and exercise extreme caution.
What percentage of organizations faced at least one phishing attempt in 2022?
What is 84%
What should you do if you encounter a potential phishing email?
What is Report it to the Information Security team.
Percentage of users unable to recognize a sophisticated phishing email (37%, 57%, or 97%)
What is 97%?
What is the origin of the term "phishing"?
What is It comes from the word "fishing," as cybercriminals are essentially casting out bait and hoping you bite.
What is a common tactic used in phishing email subject lines?
What is Creating a sense of urgency.
How many phishing incidents were reported in Q4 2022 according to the Anti-Phishing Working Group (APWG)?
What is 1,350,037
What three things should you do if an email creates a sense of urgency, prompting you to act quickly?
What is Slow down, review the email carefully, and verify its authenticity.
Percentage of data breaches in 2020 involving phishing attacks (11%, 22%, or 71.7%)
What is 22%
How many phishing emails are sent out every day?
What is 3.4 billion.
What is the term for when a cybercriminal manipulates the "From" address in a email to appear as if it's sent by someone other than the actual source?
What is Email spoofing
How many phishing attacks did the Anti-Phishing Working Group (APWG) log in 2022?
What is Approximately 4.7 million
This is an effective way to combat spear-phishing, so if an attacker has your credentials they would still need the information sent to you via a second method to access the targeted account
What is two-factor authentication/multi-factor authentication?
Most impersonated brand used in phishing attacks throughout Q4 of 2020 (Google, LinkedIn, or Microsoft)
What is Microsoft?
What percentage of all global email traffic is estimated to be phishing attempts?
What is 1.2%.
Phishing scammers will often make a lot of these in their emails to you.
What is grammar and spelling mistakes? (will also accept: offers too good to be true, threats)
By what percentage has the number of phishing attacks increased yearly since 2019?
What is More than 150%.
If you receive an email that appears to be from a high-ranking official but has signs of email spoofing, what should you do?
What is Contact the supposed sender directly through a known, separate method to verify the email's authenticity.
The top three types of data that are compromised in a phishing attack (geolocation data, online account credentials data, personal data, medical data, social media profile data)
What is 1) Online account credentials data, 2) Personal data and, 3) Medical data