We say it all the time, the sophistication of cyber crime is growing as hackers continually evolve their techniques. That’s why this list of the most common cyber attacks may surprise you.
What are the most common types of cyber attacks you’ve never even heard of?
#1. Compromised emails
For a hacker to gain access to an email account may seem small fry, but it’s the first step to bigger things. Providing they target the right employee, the attacker can go on to contact other members of the team, posing as their colleague, with seemingly legitimate requests to pay invoices, wire a payment, etc. resulting in your business bank details being exposed.
This highly successful technique is pretty simple for a hacker. For the victim, it can be a tough one to spot… but not impossible. Even with internal emails, if the request is unexpected or raises any doubt, call your colleague to verify.
#2. Pre-vishing
Pre-vishing is a good example of how attackers tweak their approach to continually catch victims off-guard.
You may be more familiar with vishing: Attackers cold-call businesses posing as an IT engineer or a new colleague from another site and ask for company information or login details. Pre-vishing is a new text-based version of this attack.
The victim will receive an email from a fake IT service, for example, with an urgent prompt to call the ‘support team’. The rest of the work is then done over the phone.
There are a number of checks you can do to verify if the request is legitimate. Thoroughly check the email for spelling mistakes and poor-quality pixelated company logos and avoid all links and attachments.
Learn more about vishing and other social engineering threats.
#3. SEO-boosted attacks
You might expect malware-ridden fake websites to be buried deep in search engines, making the chances of stumbling on one pretty slim right? But cyber criminals are now using the same SEO techniques you use to boost your business website up the rankings.
A recent example of this was a GootLoader attack which used the popular search term ‘legal agreements’ to climb the SEO ladder and target users looking for free downloads.
Whilst ‘free’ templates can be very tempting, remember, if it seems too good to be true, it probably is.
#4. Malvertsing
This is another example of cyber criminals using the same techniques you use to promote your business. Attackers are now using paid adverting to spread malware. They simply create lookalike ads of existing campaigns but theirs leads to a malicious website.
A recent victim of this was the 3D graphic software provider Blender. Shockingly, their legitimate paid advertising appeared 4th to three fake ads leading to fake websites.
If there are websites you need to use regularly for your business, bookmarking them can be a quick and safe way to access them on a daily basis. If you do need to search for a business or service on the internet, sponsored ads are not always the best link to choose.
#5. Weaponising AI
The rapid developments in AI have brought so much opportunity for many businesses. Unfortunately, they have also brought advances in cyber crime.
With large language models (LLMs) like ChatGPT, attackers find it easier to discover unknown software vulnerabilities. LLMs technology can be prompted to explore code and discover flaws. Not only does this make a hacker’s mission quicker, but it also enables less technical criminals to up their game.
Use our expertise to keep up with common cyber attacks
How many of these common cyber attack threats were on your radar? How many do you think your employees will be aware of?
Human error is accountable for 90% of all successful data breaches. Keeping on top of the latest cyber crime developments and keeping your teams in the know is essential to your cyber security.
That’s why we provide free content-rich cyber security staff training for all our clients, with tips and information that can be applied in and out of work.
To find out more, drop us a line – we’re waiting to share our expertise with you.
.
