These are the people most likely to fall victim to a phishing attack
Third-party data breaches can make you a more likely target for future cyberattacks
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
As cybercriminals leveraged the pandemic to send out 18m dailymalwareandphishingemails at its peak,Googlewas busy trying to protect Gmail users from cyber threats over the course of last year.
In an effort to better understand why some users are more heavily targeted by phishing emails and malware, the search giant teamed up with researchers at Stanford University to study over a billion malicious emails and their intended targets.
By aggregating and analyzing all of the malicious campaigns blocked byGmailover a five-month period, Google found that users in the US were the most popular targets (42%), followed by the Untied Kingdom (10%) and Japan (5%). The study also revealed that most cybercriminals don’t localize their efforts and instead use the same English email templates for users in multiple countries.
At the same time, Google and Stanford University found that the attackers andbotnetsdistributing phishing and malware emails rely on fast campaigns that last from just one day to three days on average. In a single week, these small-scale campaigns accounted for over 100m phishing and malware emails in aggregate which targeted Gmail users worldwide.
Heightened risk
In addition to analyzing how the cybercriminals behind phishing and malware campaigns operate, Google also analyzed what factors put a user at higher risk of an attack.
To do this, the company created a model that used an anonymization technique called “k-anonymity” to ensure any risk trends identified applied to a broad group of similar users. The likelihood of receiving a phishing or malware email in a given week was modeled as a function of geographic location, demographics, security posture, device access and prior security incidents.
The model found that users whose emails or personal details were exposed in a previous third-partydata breachwere five times more likely to be targeted by phishing or malware. Where you live also affects risk though and Australian users were two times more likely to be targeted when compared to users in the US despite the fact that the US is the most popular target by volume and not per capita. Age plays a role as well and users between 55 and 64 are 1.64 times more likely to be targeted when compared to 18 to 24-year-olds.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Finally, the study found that mobile only users are .80 times less likely to experience an attack compared to multi-device users. However, this may stem from socioeconomic factors related to device ownership and the attackers targeting wealthier groups.
To protect yourself from malware and phishing emails, Google recommends that users complete aSecurity Checkup, enroll in isAdvanced Protection programand consider signing up forGoogle Workspacefor its advanced phishing and malware protection which are turned on by default.
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics
This new phishing strategy utilizes GitHub comments to distribute malware
Professionals are facing “tech overload” as they try to juggle multiple devices in the workplace
