Research suggest phishing emails continue to catch out a surprising number of people, with criminals ready to pounce when they do.
SC Magazine highlights how the study, which was conducted by a joint Google and University of California San Diego team, shows that the best phishing-driven fake websites work almost half the time (45%).
The study also reveals that one in seven people who find their way to a fake page hand over their information – a figure which took the researchers by surprise. Even those apparently obvious bogus sites have some success, with three percent of people falling for their tricks.
Criminals waste no time in exploiting compromised accounts, with 20% accessed within 30 minutes of credentials being handed over, and 50% within seven hours.
The findings come shortly after the discovery of a phishing campaign based on fake Amazon emails, which saw people targeted en masse.
As the Google study points out, the knock-on effect of such phishing campaigns is severe. Should a user become the victim of a hack, hijackers will often send emails from their account to their entire contact list – who are then 36 times more likely than average to respond and subsequently suffer themselves.
The study highlighted five main countries that were responsible for attacks: China, Ivory Coast, Malaysia, Nigeria and South Africa. It was also clear from the results that fraudulent emails remain a firm favourite among hackers, with 35% of the attacks assessed showing up as such.
“Phishing is a key vector of attack used by manual hijackers and email is the primary vector by which victims are phished or lured to phishing pages,” the study said.