Hackers are switching to credential theft – here’s how to stay safe.

Mar 18, 2024

Recent research shows that email scammers are sending fewer malware-infected messages. Instead, they are choosing to use phishing techniques to steal credentials directly, because phishing is harder to detect.


First of all, what is phishing?

In simple terms, phishing is a type of online scam in which criminals pretend to be a legitimate company, using texts, emails and other related messages. The goal is to convince you to hand over your personal information – like passwords.


Phishing has become the most popular method of credential theft, making up 57 percent of scam messages. Malware-infected payloads are becoming less common, accounting for just 12 percent of scam messages. A staggering 45 percent of all phishing attacks were aimed at Microsoft Office users!


The URLs linked from phishing emails typically only last about 24 hours. This means that there is only a narrow window of opportunity for scammers to take advantage – but it also makes it very difficult to detect and block these sites quickly enough.


Malicious attachments still play a role in phishing, but their frequency has declined significantly over the years. Most phishing attempts these days do not even involve malware, but instead encourage you to open links in your web browser. The linked sites are designed to steal your credentials.


There are two main reasons phishing is more popular than other techniques. The first is that phishing is hard to detect. The second is that phishing is extremely cost effective.


Hackers can maintain fake webpages and send hundreds of thousands of emails at very low cost, and there is a very low chance of being caught or stopped. Attackers can also quickly change the infrastructure used to support their landing pages. This leaves far fewer consistent or reliable indicators of compromise that reveal their tactics or plans, making it more difficult for the police and forensic investigators to track the criminals.


Currently, cyber criminals are crafting their messages to target Microsoft 365 users. Because most businesses use Microsoft 365, people are more likely to believe these scams and click the links, which makes this a very effective way of stealing information.


What can I do to stay safe and protected?

To stay safe, always remain cautious when receiving communications from unknown sources:

  • Do not reply to the scammer. You can forward the message for further analysis to the UK National Fraud & Cyber Crime Reporting Centre at report@phishing.gov.uk
  • Do not click on any links listed in the email or text, and do not open any attachments.


If you do click a link in a phishing email, pay attention to the website. Legitimate companies will not ask for personal information using pop-up screens. If you see a pop-up screen, do not enter any personal information like usernames or passwords.


If you are concerned that the email is not genuine, visit the website directly – don’t click links in the message. Type the address into your browser and when the page loads, log into your account. If there is an issue, there will be a message available in your account.


You should also ensure that you have a reliable Endpoint Protection tool like the one offered in our Protection Plan packages. This will protect you against any malware that may try to automatically download from the website.
