Talion is a finalist for Best SIEM Solution

Talion is a finalist for Best SIEM Solution for the 4th year in a row

Phishing – What’s The Problem? - Talion

Chances are we all know someone who has fallen, or almost fallen, for a phishing attack. Most of us click DELETE as soon as we see that suspicious attachment, that unfamiliar tone of voice, or we have an intuitive sense that something isn’t quite right. However, the problem with phishing isn’t our gullibility – that’s what cyber criminals want us to think. It’s the fact that phishing is almost too easy to execute, and here’s why.


Behind The Scenes Of Phishing…

The reason phishing is so prevalent is because of the following:


  • Personal Information Is Easily Obtainable

If a cyber criminal can endure less labour with greater return, they’re going to do it, right? Due to an increased digital footprint in today’s era of social media, hackers can more easily obtain email addresses and filter them into a list of targets, manipulating or even spoofing victims into giving over money or personal information. Where do we draw the line between what we can and can’t share online? We should be more cautious with our privacy settings.

Read more about our OSINTGlass services here.


  • It Costs Almost Nothing

Often cyber criminals host a website that mimics that of a well-known company. This inevitably comes with its costs, but it’s cheaper than you may think – it can be as low as £7/$10 a month. Add to that the factor of sending out emails which is absolutely free. Key information can therefore be sent directly to one of the places we, as humans, often look most – our inbox – and then they let us do the “work” from there (a typical social engineering approach).




What Should You Be Looking Out For?

Cofense’s 2021 Annual Phishing Report showed that more than half of phishing emails are designed to steal user credentials. With the above in mind, it’s no surprise that cyber criminals take this route; if phishing pages are inexpensive to host, with low upkeep cost, then hackers can easily change the infrastructure of malicious webpages in alignment with their current goals, whether that is taking advantage of a global crisis or targeting a specific vulnerable persona.

Organisations must be increasingly aware of giving over personal information online and ask themselves the following questions:

  • Do I know and trust this person that has reached out to me?
  • Do their details and tone of voice sound authentic and/or familiar?
  • Is this urgent – can I double check with a second party before taking action?
  • Do the links and/or attachments seem legitimate? (hover over to check the URL)

However, organisations must also be aware that educating employees to avoid clicking links isn’t enough and ultimately goes against our very instinct when using the internet. It is better to teach staff the tricks of the trade of how phishing tactics work in terms of timings, tone of voice, etc. As humans, we’re good at identifying robots and scams, but when social engineering tactics throw us off course, advanced anti-phishing solutions, such as MPDR, and threat analysis are needed above all else.




The Problem With Phishing Is An Ongoing Saga…

…and perhaps always will be. When responsibility/blame is pushed onto the individual for “falling for it”, rather than the threat actor themselves, the individual is more likely to remain silent for fear of punishment. As a result, it can create a distant divide within targeted organisations, increasing the time it takes to remediate the phish. This is when we need to come together and build our defences against cyber-attacks more than ever.

To avoid financial loss and keep your employees safe, make sure you’re taking the steps you need to understand what is at the root of phishing, how it is viewed amongst your employees, and what you can do to prevent it going forward.

Have a read of The Ultimate Phishing Guide to get started.

Or learn more about our MPDR service.

Any questions?

We’re just an email or a call away.

Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
Watch demo video
We’re a tight-knit, highly skilled operation, so when a threat arises, we move quickly.
24x7x365 UK-based Security Operations Centre
Service underpinned by market leading threat intelligence team
Continually developed threat relevant content, backed by SLAs
MDR service has featured in the Gartner Magic Quadrant for 6 consecutive years
Experts in SIEM and SOAR technology
UK-based Senior Leadership
Looking to maximise value and flexibility?
Learn how Talion and DEVO partner to achieve this.
Discuss your cyber security needs
Contact us below and one of our team will be in touch to answer your questions.

Call us on 0800 048 5775

Call us directly and we’ll put you in touch with the most relevant cyber expert.

Get In Touch With Us

Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.