Social Engineering is the psychological manipulation of people into performing actions or divulging confidential information.
When hackers combine this method, it does not require a technical skill, but when combined with a targeted attack, it results in 71.4% involving the use of spear-phishing emails in 2019 alone.
Any Defense system studies previous patterns, using AI creates new/detects new, but a targeted attack, overcomes these boundaries, making hardware and software useless, as it even bypasses them using sophisticated methods which is on a technical level.
That said, scammers/criminal hackers still have success with this form of Cyber Offensive attack and its use remains prevalent. They are constantly changing tactics to get around the anti-phishing measures in place. Techniques like Zombie Phish, Shortened URL, SPF/DMARC Spoofing & More..
Human intelligence is the best defense against phishing attacks
In its 2019 report, Cofense reiterates the importance of awareness training in thwarting phishing attempts. It cites an example in which a phishing attack on a major health-care company was stopped within just 19 minutes. Users reported receiving suspicious emails and the security operations center was able to take swift action.
There will be more focus on social engineering. Kaspersky predicts for 2020 that “the focus on social engineering will increase as other types of attacks become more difficult to carry out.” With some exploit opportunities being closed, attackers may be forced to focus more on the human factor of phishing. Even with improved education and training, people will always represent a weak link in terms of security.
We can’t be certain what the future holds, but we can say with some confidence that phishing will remain a significant threat to both individuals and businesses in the immediate future.
Educate yourself, your employees by dedicating a plan on continuous learning, not just your hardware.
Become a Patron!