If I wanted to put a keylogger, ransomware or any other malware on someone’s computer, send the malware in an email. That email would either have an PDF attachment waiting for you to open it. I might even send you an email where inside it has a link for you to click. Once you click on it the malware is downloaded and installed on your computer.

If I was really ambitious, I would make the email look as if it was from your bank or insurance company. That email would inform you of a data breech and you need to reset your password by clicking on the link.

That link would take you to a look-a-like website. At that website you can enter in your current login user name and password, then prompt you to put in a new secure password. After you were done I would proceed to take over those accounts from you.

I have just given you prime examples of how easy to create “Phishing” emails. Since the second paragraph was more point to the recipient of the email, it could be called a “Spear Phishing” email. Spear Phishing emails take a little more work.

These types of emails are called “Phishing” because they put out something attractive for you to bit into.

I want to give you just three alarming numbers to show you how common these danagerous emails are getting to your email inbox.

1. The Digital Guardian states that 91% of all cyber attacks start with phishing emails.
2. In October 2018, Application Threat Intelligence reported phishing fraud jumped 50%
3. According to the SANS Institute, 95% of all attacks on enterprise networks are the result of successful spear phishing.

What can be done you ask?

1. Don’t take any email at face value. Call the person or company where the email says it is from. Verify they sent that specific email.
2. Don’t click on links. Type in the website address yourself. Then verify the website you typed in is what showing in your browsers address bar.
3. Don’t open email attachments for questionable or unverifiable sources.