Phishing Attacks: Threats Effecting Business Existence
Technological innovations and the widespread use of Internet have created a marketplace for
businesses and consumers to interact innovatively and have made way for easier communications in a
globalized business environment. Nevertheless, it is known that from the time, the computing world
became a part of many organizations; computer viruses, Trojans and the like have always accompanied
The emergence and growth of phishing attacks in the recent years only goes to prove that technological
developments has also opened new avenues for the criminals and the unscrupulous to plan their
attacks. Studies and recent reports by anti-phishing groups have shown an alarming increase in the
number of phishing attacks. Phishing, a kind of social engineering attack, is an attempt by the criminals
to acquire sensitive information via the electronic communication mode.
The criminals use spoofed emails to trick unsuspecting public to share information related to
usernames, passwords and credit cards details. Irrespective of the firewalls and encryption software
certificates or authentication mechanisms installed, phishing attacks cleverly dodges the security
systems and have evolved to attack high-profile targets with an aim to steal intellectual property,
corporate secrets as well as information related to nation’s security. Developers thus should work out
effective anti-phishing tools as a countermeasure for such attacks.
The criminals today use a number of phishing techniques to extract information from the electronic
media. These vary from phishing, which is used to acquire passwords and credit card details to a more
targeted version such as spear phishing, to cloning of emails called clone phishing to whaling which is
aimed at high profile targets. However, these techniques use methods for filter evasion and technical
deception of email or link by developing spoofed websites and emails, thus making it difficult to be
accessed by any anti-phishing software.
IT giants have worked out a number of protective mechanisms to safeguard the organization and
individuals from phishing attacks. However, the attacks like the spear phishing attacks are so refined,
that they not only difficult to identify and avoid. These sophisticated attacks being targeted at the
unsuspecting users provide attackers access to sensitive personal data, sales forecast, trade secrets and
business plans. Such action poses a negative effect on the business as a whole causing significant
financial losses, losses in shareholder value and customer loyalty. In other words phishing attacks are
detrimental to the brand name and reputation.
How effective the anti-phishing tools may be, the crux of the problem lies in the individual/employee
being the loophole for the attackers. Organizations thus need anti-phishing tools that not only work on
the security of the process and technology, but would also help organizations protect their employees
from being victims to phishing attacks.
Read also on: Protection from phishing