Phishing Attacks: Why We're Still Losing The Battle Against Phony Emails

Arthur T Knackerbracket has found the following story:

Phishing is still the most common way for cyber attackers to gain entry into networks. Whether it's crooks looking for financial gain or state-backed hacking operations engaging in cyber espionage, it almost always starts with a message designed to make someone click a link or give away sensitive information. Just one person falling victim can be enough to provide hackers with the foothold they need to gain access to the whole corporate network and the confidential information stored within.

But blaming the victim rarely solves anything - especially given how phishing emails can be so highly tailored towards victims, meaning it can be almost impossible to distinguish a real message from a spoofed one created as part of an attack.

"It's fairly easy for an attacker to get hold of an email address and pretend to be somebody," says Amanda Widdowson, cybersecurity champion for the Chartered Institute of Ergonomics & Human Factors and human factors capability lead for Thales Cyber & Consulting.

Read more of this story at SoylentNews.