Why Is Email Phishing Still One Of The Hardest Attacks To Defend Against?

There was a stat that was just released recently that stated that only about one to two billion people in the world are on the internet right now. There is close to six billion people in this world. That means that there is going to be a lot of new people going on the internet everyday for at least the next decade. We tend to think that since the internet has been around in popular use for almost 20 years that most people would know how to navigate against the basic security risks. That simply is not true. The internet still has not reached the maximum point at which it is going to spread so every year there are going to be a lot of new users getting caught by the same old tricks by black hat hackers.


One of the most fertile grounds for hunting when it comes to black hat hackers is still email accounts. Most people think that social networks have taken over when it comes to places where black hat hackers like to attack but that is true to only a certain extent. Facebook is the biggest social network in existence and it has as a membership base 500 million members. While that is a lot, and more than the amount of people in the United States, it still does not represent the biggest target on the internet. Email accounts do. While not everyone who goes on the internet has a Facebook account most of the people who do go on the internet has an email account. While email may be becoming old fashioned it is still king of the mountain when it comes to the number of users.

What are the most likely Email attacks?

The most likely email attacks are the one that I talked about in the title of this article – phishing attacks. It has been a highly effective attack for a while now. If you’re someone who is not familiar with the term phishing then let me explain it to you. While you might not know the term for the attack I am sure that you have seen it before when you have checked your email account at some point. A phishing attack is when a black hat hacker tries to lure you to another web site. The attacker will try to pose as someone or something that you trust. A lot of time, when it comes to email attacks, the person will try to pose as an email from someone that you know. That person will tell you that they found this cool link and they want you to click on it. When you do click on it you will find that you are transported to another web page and all of the sudden your computer is infected with a strange piece of malware.

Another effective attack that the bad guys try really affects you if you do banking online. They will try to pose as if they are the bank and tell you that they have been trying to get in contact with you. They will tell you that you need to log in to your account for some type of emergency and to get there quicker all that you need to do is to click the link that they have provided. Once you do click the link you will see a page that looks exactly like the bank’s web site that you usually go to. But if you take a look at the address on the page you will find that it is not the same address. They have simply stolen the graphics from your bank’s web site to their web address to make it look the same. Once you try to log in they will redirect you to your normal bank site but they will have stored your username and password in their database. This will allow them the ability to log into your bank account anytime that they want.

Defending against this attack

So as you can see from what I described above, this type of attack can fool someone who is not that knowledgeable about the internet. It can even fool someone who is knowledgeable but who has let their guard down at the wrong time. Even though this is an old trick bad guys still use it all of the time because it still works. All the bad guys need is for one person to be tricked by the attack and they have gained a profit for the day. Unfortunately they gather way more victims than just one a day. The best way to defend against an attack like this is knowledge. You have to know what to look for and what to do if you come against it. The modern browsers these days do a good job of helping to stop phishing attacks but you cannot rely on them alone.

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Speak Your Mind