Cyber attacks come in many shapes and sizes, and the techniques used by cyber criminals are constantly evolving. Despite this, there is one technique that has remained the most common form of cyber attack for years, and it doesn’t look like slowing down any time soon.
So what is the most common form of cyber attack? The most common form of cyber attack is phishing attacks. Phishing involves sending fake emails that pretend to be from a reliable source, such as a business’ vendors or the victim’s boss. The email will then instruct the victim to do something, such as provide personal details or click a link.
Read on to find out more about the most common form of cyber attack, how common it is, and how they happen.
Which Cyber Attack Method Do Hackers Use the Most?
In 2022, 82% of businesses that were subject to a cyber attack reported a phishing attack or breach. This makes phishing by far the most used cyber attack method in use by cyber criminals around the world.
Phishing is where criminals try to trick people into performing an action, such as clicking a link that will download malware, or directing them to a malicious website. These attempts can be conducted in a variety of ways, for example through text, social media, or phone. Despite this, the most common media for phishing scams is via email. Emails can reach millions of people instantly without costing anything, which makes it very popular amongst cyber criminals.
To find out more about the different types of cyber attack, read our blog on the techniques hackers use to gain information.
How Common Are Phishing Attacks?
While the true number is impossible to calculate, the NCSC’s Suspicious Email Reporting Service (SERS) received over 7.1 million reports of malicious emails in 2022 – averaging out at over 19,500 per day.
When you consider that these statistics only include the email attempts that are reported, and only in the UK, the true global number will be much higher. It’s impossible to accurately estimate the total number because of how many are simply deleted and go unreported.
How Do Most Phishing Attacks Start?
The vast majority of phishing attack attempts are indirect attempts. These are sent at random, hoping to reach someone that will fall for the trick. These can be dangerous for those who don’t know what to look out for, as you could end up inadvertently downloading a malicious attachment or clicking on a compromised website and becoming a victim of email fraud..
Other attempts can be more sophisticated, intentionally choosing specific members of an organisation that the hacker believes is vulnerable. These targeted attacks will employ more sophisticated tactics, such as calling the victim to find out details of a vendor they work with before sending an email pretending to be that vendor.
Unsure how to spot a phishing email? Read our example of a phishing email blog to see what forms a phishing email might take and what to look out for.
Strengthen Your Cyber Resilience With the North East Business Resilience Centre
At NEBRC, we’re a police-led not-for-profit organisation that’s dedicated to your cyber security. We work closely with you to keep your data safe and reduce your risk of cyber attack.
Visit our website to find out more about our Network Vulnerability Assessments or find out about our Web app Vulnerability Assessment to protect your site too.