Research Hub > Don't Get Hooked: Avoid Becoming the Bait of a Phishing Email

October 03, 2022

Article
3 min

Don't Get Hooked: Avoid Becoming the Bait of a Phishing Email

The cybersecurity landscape is rapidly changing and being fooled by just one phishing email can compromise your entire organization. Take a look at the infographic below to learn what to look out for in a suspicious email.

83%

of spear phishing attack emails sent over a 3-year period impersonated well-known companies

phishing email sender address hacker scam

Sender Address

Hackers will try to craft a sender email address to impersonate and trick the recipient into thinking the email is coming from a legit company, an employee, or even customer support. The email address might look like it is coming from a reputable entity, the CEO of your organization or even a stakeholder. However, if you look closely, you can see that both the sender’s name and email address doesn’t match. And if you are still unsure, you can always reach out to that individual or call the company to verify if they sent out an email or not.

Source: Barracuda, "Spear Phishing: Top Threats and Trends | Barracuda Networks"

47%

of email recipients open an email based on the subject line alone

Subject Line

Cybercriminals always create a false sense of urgency in the tone of the subject line. They want to nudge potential victims to act and respond quickly, especially if the email is looking like it is coming from an executive, colleague, or boss. The end goal of a shady subject line is suggesting that the email is part of a previous conversation to trick the user into trusting the sender.

Source: Finances Online, "52 Email Subject Line Statistics: 2022 Trends & Effective Ideas - Financesonline.com," January 2022

phishing email subject line scam

50%

of 16 million phishing messages that arrive in users’ inboxes daily are opened

phishing email messaging cybercriminal scam

Messaging

When looking at the messaging in a phishing email, 97% of people fail to recognize that it is a scam. However, there are important things to carefully look out for in the messaging. Phishing email messaging will present many red flags such as urgent language, asking the user reply to a different email address, grammatical errors, spelling typos, and even attempts to trick the user into thinking they will land a lucrative deal if they act quickly. Logically speaking, why would someone offer a deal that’s too good to be true? That is because the cybercriminals behind phishing emails incentivize the recipient to open an attachment or click on a link by claiming there will be a reward at the end.

Source: Stat Center, "50+ Email Spam & Phishing Statistics (2022 Update) (emailstatcenter.com)," January 2022

66%

of malware is installed via malicious email attachments

Attachments

Attachments in a phishing email are used as a simple way for hackers to gain access to your sensitive information such as login credentials, credit card information, or your social security number. Not to mention that opening an attachment from a phishing email can be disguised malware that will infect your computer.

Source: Clearedin, "Top 10 Phishing Attack Statistics That Should Scare You (clearedin.com)," 2021

phishing email malware attachment scam

26%

of U.S. workers clicked an email link that led to a suspicious website

phishing email hyperlinks scam

Hyperlinks

When approaching a suspicious email in your inbox, it might include a hyperlink or two that instructs you to act. It is always best to use extreme caution and do not click on any of the links. What might look like a legitimate link can be a disguised link that leads to a hacker’s website to steal your credentials. The best course of action is to hover your mouse over the hyperlink text and look at the bottom left of the screen to see the full URL of the website you would go to if you were to click on the link. Even if you receive an email with a link from someone you know or aren’t certain it’s safe, treat it with caution and don’t click on the link.

Source: Proofpoint, "Proofpoint’s 2022 State of the Phish Report Reveals Email-Based Attacks Dominated the Threat Landscape in 2021; Tailored Security Awareness Training Remains Critical for Protecting Hybrid Work Environments | Proofpoint US," February 2022

Phishing emails have become a regular occurrence in our digital world and cybercriminals have increased in numbers, giving IT departments a big headache. And the pandemic only catapulted the occurrence of these emails as organizations have shifted over to a remote or hybrid work environment. With phishing emails happening alot more frequently these days, all the reason for your organization to have a combative strategy in place to protect your sensitive information and our CDW Cybersecruity experts can help with that. 

CSS Reference

Use this molecule on every article. This contains the styling for the rest of the molecules used on articles.