Phishing is a common issue even in 2025. Hackers are getting smarter and sneakier. If you think that phishing only occurs through spam email, think again. Phishing can also occur through social media, search engines, and other areas of the community.
Perhaps you have received a random message on LinkedIn regarding an investment opportunity or job? Those messages may actually be phishing attempts, as hackers now have other options to contact you through social media and search ads without worrying about getting blocked by an email filter.
Therefore, phishing tactics are constantly evolving and will change, as technology changes. It is vital to regularly update safety software and training methods for workers.
Phishing Is Increasing All Over
Hackers no longer rely solely on email to attack. Approximately 1 out of every 3 phishing attacks take place outside of email (i.e., LinkedIn messages and phishing ads from providers such as Google).Perhaps you have received a random message on LinkedIn regarding an investment opportunity or job? Those messages may actually be phishing attempts, as hackers now have other options to contact you through social media and search ads without worrying about getting blocked by an email filter.
Phishing Tools Have Become More User Friendly
Phishing-as-a-Service (PhaaS) makes life easier for criminals. Tools such as Tycoon, Sneaky2FA and Evilginx allow them to run phishing attacks that can remove the need for multifactor authentication (MFA). With readily available tools like those mentioned above, almost anyone can conduct a phishing campaign, even if they are not particularly technologically skilled.Social Engineering MFA Weaknesses
Cybercriminals have found ways to circumvent multi-factor authentication and security protection systems by using deception techniques. Cybercriminals utilize attack techniques such as reverse proxy phishing, and browser-in-browser, which create counterfeit or nearly identical copies of login pages, making it difficult for even savvy users to identify the fakes.Therefore, phishing tactics are constantly evolving and will change, as technology changes. It is vital to regularly update safety software and training methods for workers.
Ways to Remain Secure Against Phishing Attacks
- Be aware of all your electronic communications; e.g., not only check your email but also be aware of your direct message (DM), and/or social media ad communication.
- If using multi-factor authentication, consider using hardware tokens (in conjunction, preferably with software).
- Ensure your friends, family and colleagues are trained to recognize social engineering phishing attempts.
- Regularly update your malware protection software to protect against new social engineering tricks.
