Skip to content

The sneaky world of email phishing scams

Phishing scams are widespread cybercrimes in which attackers send deceptive messages with malicious software links. The links download malware onto the victim’s device to steal personal information or track their activity. 

Phishing scam examples look like they come from trusted organisations, social media platforms, or even friends. Traditionally, phishing scams were email, but they’ve evolved to target people through text messages, social media direct messages (smishing), and even phone calls (vishing). 

Phishing scam reports show phishing is the single most common form of cybercrime—over a trillion phishing scam emails per year from the estimated 3.4 billion a day sent by cybercriminals. Around 36% of all data breaches involve phishing. 

Tailoring phishing scams for maximum impact

Cybercriminals adapt their tactics to resonate with different cultures and current events. They’ll look at common online services used in a region (banks, social media) and local concerns, recent scams, natural disasters, or political matters they can exploit to make emails appear genuine and/or urgent. For example, posing as relief organisations offering fake aid after a flood or earthquake.

Phishing scam emails are created to mimic local communication and language styles using cultural references, greetings or holidays specific to the region. In countries with strong social hierarchies like Japan and Thailand, emails might impersonate authority figures to exploit cultural norms around respect for religious leaders, government officials, elders, or superiors.

In 2022, 29.82% of spam emails were sent from Russia. Mainland China is the second most common source of malicious spam (14%), followed by the United States (10.71%). 

Phishing’s breeding ground: The dark web

The dark web, a hidden Internet corner, is where phishing scams and cybercrime propagate with greater ease and sophistication than ever before. Our information can end up on the dark web through hacking (weak passwords and security practices), company data breaches, data leaks (company insiders selling data) and unintentional exposure (human error).

Cybercriminals and novice attackers can now access ready-made tools and services, lowering the technical barrier to entry for launching phishing campaigns. Operating anonymously, they profit from tools and resources sold on underground marketplaces, such as:

  • Pre-made phishing kits with user-friendly packages, complete with the following:
    • Convincing email and website templates impersonating legitimate organisations and stores
    • Malicious software (malware) that infiltrates a victim’s device to steal personal data
    • Databases containing stolen email addresses to send the campaigns to.

Global efforts against cybercrime

For more context on what we’re facing, cyber attacks globally increased by 125% in 2021 compared to 2020. The use of stolen credentials is the most common cause of data breaches. 108.9 million accounts were breached between July and September 2022, equating to 14 accounts being leaked every second. In 2021, there were an average of 97 data breach victims every hour worldwide.

Disrupting these operations requires international collaboration between stakeholders to protect users since cybercriminals operate worldwide. Public-private partnerships (PPPs) are needed to share information faster, spread awareness, have greater reach, and help authorities track cyber criminals through standardised reporting. The challenges of this though, are differing national laws and regulations, building trust and cooperation between international law enforcement agencies and security companies, and some countries needing more resources to invest in cybercrime investigation capabilities.

Sapher’s mission to empower every online user

We understand the devastating human cost of cybercrime – the families and lives impacted by identity theft and data breaches. At the current rate, it is predicted that by 2030, the estimated annual cost of cyber-attacks globally will reach $17.0 trillion. 

Recognising the global effort needed to reduce cybercrime, Sapher hasn’t only built a product that helps prevent these attacks—we’re part of the movement. The internet shouldn’t be a battlefield for everyday people, where getting scammed is an inevitable part of being online.

While we’re a new player, our vision is grand. To drastically reduce the number of people worldwide battling the consequences of stolen data. Sapher goes beyond reactive defence and allows everyone to actively safeguard their online presence and take control of their online security. 

Trial Sapher’s browser extension for Free (no credit card required).

Report a Scam Here

Back To Top