Consumer Email Fraud – Top Phishing Attacks of 2016

In this series of blog posts we examine the most common forms of phishing attacks and appropriate countermeasures to protect both individuals and organizations – in this post we explore the impact of consumer email fraud.

Consumer Fraud 

When it comes to spear phishing, enterprises are not the only targets. UK consumer association, Which?, revealed that people receive up to 20 phishing emails a month and it remains one of the most common – and successful – methods of scamming.

  • Tax Fraud – In April, the IRS issued a warning about scam artists masquerading as official bodies and enticing people to click on links containing questions about their “tax refund”. A similar trend was observed in the UK, with research revealing that up to 40% of people had received a phishing scam around the time of the deadline for filling in self-assessment tax returns.
  • Government, Bank & Brand Fraud – Increasingly, fraudsters are targeting specific individuals with sophisticated spoofs pretending to be from government departments, banks and major brands. Often the emails will have ‘Attention’, ‘Important Notification’ or ‘Your account has been revoked’ in the subject line and the growing reliance on email means it’s becoming progressively difficult for consumers to distinguish between mimics and genuine correspondence.

Consumer Fraud Countermeasures

As a result, the onus is on businesses to protect their brand reputation and restore trust in the inbox. Any organization that relies on email to communicate with its customers, citizens or members needs to implement the DMARC standard to prevent spoofing of their email addresses.

The standard provides businesses with a wealth of threat intelligence whenever somebody attempts to spoof their email addresses so they can take action to stop it happening again in the future.

Download Agari’s executive brief on the Top Phishing Attacks of 2016 to learn more about best practices to stopping phishing attacks.

You can also check out the other posts in the Top Phishing Scams series: