Cyber criminals are increasingly turning to entertainment-based methods to trick users into clicking the links on phishing scam emails, a study published today has suggested.
Around 20 per cent of successful phishing scams are based on entertainment triggers, according to anit-phishing security vendor PhishMe.
The company has released its annual Enterprise Phishing Resiliency and Defence Report, which explores the latest phishing and cyber attack trends.
It analysed more than 52 million phishing simulations from more than 1,400 of its customers across the world. From January 2015 to July 2017, researchers at the company examined tens of millions of phishing simulations and investigated a number of real-life cyber attacks.
Responses were gathered from customers operating in 50 countries. These included Fortune 500 firms and public-sector organisations working across 23 industry verticals.
The researchers wanted to explore how resilience and reporting tools are helping customers to stay on top of phishing threats, as well as the reasons why people fall for the scams and how to better educate employees to resist the bait.
The good news is that phishing is declining in effectiveness. Susceptibility rates have been in a long-term decline, the study suggested.
Meanwhile, reporting rates have grown by six per cent over the past three years. Companies have been implementing one-click email reporting buttons to counter phishing attacks, and the results have been effective.
With more companies investing in this technology, the number of people falling victim to phishing attacks has declined in recent years, with fast reporting enabling organisations to prevent phishing emails from achieving wider circulation.
In response, entertainment, social media and rewards have become the biggest tactics used by phishermen to hook the unwary.
Aaron Higbee, chief technology officer and co-founder at PhishMe, said: "With phishing attacks up 65 per cent worldwide from last year, this continues to be the number one cyber threat to organisations of all sizes.
"Phishing attacks have the ability to skirt technology and target human emotion, making it imperative that organisations empower their employees to be part of the solution.
He added: "Our analysis continues to show that conditioning employees to recognise and report on phishing attempts lowers susceptibility, which is proof that progressive anti-phishing programs keep organisations safer."
Claims to have "the most competitive logic density" in the industry
Dell's high-end mobile workstations upgraded with Intel Coffee Lake CPUs
Webstresser admins were also arrested in the UK, Croatia, Canada and Serbia
Security firm claims that 117,638 sites out of 135,035 analysed contain serious security flaws