Does it feel like your inbox is filled with phishing scams? You’re not alone. Phishing emails have surged in 2024, with no signs of slowing down. Fraudsters are constantly refining their tactics, making fraud prevention more challenging. Here’s what you need to know to stay safe.
Scams on the Rise
According to a recent report by security firm Egress, phishing emails spiked by 28% between April and June 2024 compared to the first quarter of the year. Millennials are the primary targets, with fraudsters exploiting their frequent online activity.
Even with predictable seasonal phishing trends, such as scams tied to specific holidays or events, phishing attacks have become more sophisticated. One of the biggest changes is a shift away from malicious attachments.
Phishing Emails Evolve
In the past, malicious attachments were the primary weapon for fraudsters. However, Egress found a significant 30% decline in phishing emails containing harmful attachments from 2021 to 2024. Instead, fraudsters now favour phishing hyperlinks. These deceptive links are easier to disguise and often slip past malware detection systems.
Why the change? People are more aware of dangerous attachments, and companies have improved email security to block them. Hyperlinks, on the other hand, remain a favoured tool because they’re harder to detect.
Impersonation Phishing
In 2024, a flood of impersonation phishing emails targeted individuals. These emails attempt to mimic trusted brands, a tactic called “commodity” phishing. According to Egress, between January and August 2024, over 25% of phishing emails impersonated popular brands like Adobe, Microsoft, and DHL.
Some fraudsters have taken this to the next level with multi-channel attacks. Instead of relying on a single email, they send follow-up messages via text (smishing) to reinforce the scam’s credibility. For example, a fraudster might email you pretending to be a courier service and then follow up with a fake SMS containing related details. This coordinated attack makes it harder to dismiss the threat.
Phishing Attacks Surge
Additional research from Abnormal Security confirms the trend. Their H2 2024 Email Threat Report recorded a 350% increase in phishing attacks from 2023 to 2024. These phishing scams typically use genuine-looking domains to trick victims and impersonate well-known businesses.
With the rise in phishing scams, it’s crucial to recognise the warning signs. Let’s explore some of the most common red flags that can help you identify a phishing attempt.
How to Spot a Phishing Email
Phishing scams can be sophisticated, but they often leave clues. Here are some tips to help you stay vigilant and report fraud effectively:
Check Email Addresses Carefully
Fraudsters often use email addresses that closely resemble reputable organisations. They might swap a single letter or add a hyphen to create a fake email that looks genuine, like “[email protected]” instead of “[email protected].” Always double-check the sender’s address.
Be Wary of Generic Greetings
Legitimate companies usually address you by name. If an email uses generic terms like “Dear Customer” or “Valued Member,” be cautious. These general greetings can indicate a phishing scam that lacks your personal details.
Look for Urgent or Threatening Language
Fraudsters want you to act quickly without thinking. They often use threatening language, suggesting your account will be suspended or compromised unless you respond immediately. Don’t fall for the urgency. Take your time and verify the information.
Hover Over Links Before Clicking
Phishing emails frequently contain suspicious links that look official. Hover your mouse over the link without clicking to see the real destination. If the URL looks off, avoid it.
Watch for Poor Grammar and Spelling Errors
Phishing emails often contain spelling mistakes or awkward phrasing. Professional organisations take care with their communications so that errors can be a warning sign.
Don’t Download Unexpected Attachments
Attachments can be dangerous, especially if they prompt you to enable macros or run executable files. Avoid downloading attachments from unknown senders.
Verify the URLs
Ensure the website address matches the legitimate URL. Fraudsters often use nearly identical addresses with minor spelling changes to deceive you.
Stay One Step Ahead
Fraud prevention starts with awareness. If you think you’ve received a phishing email, don’t engage. Instead, report fraud to your bank or the relevant authorities. Consider enabling two-factor authentication (2FA) on your accounts for added security. This extra layer makes it harder for fraudsters to gain access, even if they get hold of your password.
Phishing scams will continue to evolve. Fraudsters adapt quickly to new security measures, so it’s crucial to stay informed. Familiarise yourself with the latest tactics and keep your devices secure. If you receive a suspicious email, always take a moment to scrutinise the details.
What to Do Next
If you suspect you’ve fallen victim to a phishing scam, report fraud immediately. Contact your bank, phone provider, or the organisation being impersonated. Change your passwords and monitor your accounts for any unusual activity. Your prompt action can prevent further damage.
Phishing scams are on the rise, and fraudsters are getting smarter. However, you can protect yourself by recognising the signs and knowing what to look for. Make fraud prevention a priority, and always stay cautious when receiving unexpected emails or messages. Fraudsters rely on our complacency—don’t give them the chance to catch you off guard. Stay alert, stay informed, and report fraud whenever you encounter it.
