One fine morning, in your business/personal mailbox, you see an email from NETFLIX saying “Your Account Has Been Suspended” or an email from your Credit Card company asking to click on a link to change your online access password since it is going to expire in next 6 hours, OR an email appears to be coming from Microsoft saying – “Your mailbox is full” asking to increase the mailbox size by clicking on a link given, so on and so forth. These are all examples of Phishing attacks.

According to analysis by Kaspersky, assaults including data loss risks (phishing and scams/social engineering) dramatically increased in Africa in Q2 2022 compared to the prior quarter. Due to its widespread use, phishing is a potent attack strategy. Malicious users boost their chances of success in their search for the credentials of innocent people by sending out enormous waves of emails in the form of reputable institutions or advertising bogus pages.

Kenyan customers have been the most affected in Africa by this form of threat, with 5,098,534 phishing assaults discovered in just three months, a 438% increase from the previous quarter. South Africa came in second with 4,578,216 detections and a growth of 144%, followed by Nigeria with 1,046,136 detections and a growth of 174%. (Ref – Kaspersky).

With Phishing, scammers utilize social engineering, often known as “human hacking,” in a variety of methods and for a variety of objectives to draw unwary people to the website and persuade them into providing personal information.

Phishing attacks come in all shapes and sizes, and unfortunately, there is no silver bullet to stop phishing.

Use this handy acronym to help yourself spot the signs of a phishing email:

P: Promises unbelievable things

H: Harasses you to reply

I: Insists you act now

S: Sense of urgency

H: Hit delete!

Being an IT security professional, I receive emails from my customers when they are in doubt, to check whether the email they received is genuine or not. So always, If in doubt, report it to your IT team and hit delete to make everyone else in the company aware of the phish. Remember, fight against PHISHING starts with you – follow the PHISH acronym above next time you see an unknown email.