A newly published analysis has revealed that, across the whole of 2024, click-attacks all but tripled compared to the year before. Forget the recent warning for Chrome, Edge and Safari browsers not to double-click; all email users should now consider not clicking at all. Here’s what Gmail, Outlook and Apple Mail users need to know.
The Ongoing Gmail, Outlook And Apple Mail Click-Attack Threat
A new analysis of phishing attacks published Jan. 07 by Netskope Threat Labs, has revealed that, across 2024, the number of dangerous clicks has increased nearly threefold compared to 2023. Blaming the increase on cognitive fatigue with users being bombarded by so many phishing emails that they become oblivious to the threat, coupled with the evolution of click-attack threats by increasingly confident attackers, Netskope warned that more than 8 out of every 1,000 users were now clicking on the malicious links. “This is a massive increase,” the researchers said, “and represents a significantly bigger threat posed by phishing to people and organizations.” Blaming the increase on cognitive fatigue, Ray Canzanese, head of the Netskope Threat Labs, said that the number of people clicking on links is increasing “because people are being bombarded with phishing links from all directions: email, social media, ads in search engine results, and all over the web.” The use of personal apps, including webmail apps, was also quoted as a significant risk to organizations as well as consumers.
Google itself recently warned users of a second wave of cyberattacks, mostly phishing-related, that was hitting email users. Andy Wen, Gmail’s senior director of product management, said that the “attackers are very persistent.”
Consumer Advice To Mitigate The Click-Attack Threat To Gmail, Outlook And Apple Mail Users
Microsoft and Apple have tailored advice for their users when it comes to litigating phishing attacks, and Google is no different when it comes to the billions of people using Gmail for their email fix. The core advice from everyone is the same: don’t click on unsolicited links from strangers or untrustworthy sources. Many security experts would say not to click on any links in an email at all, at least not verifying the authenticity if it’s from someone you know or checking out the destination (beware of link hovering attacks, though) if you don’t. Entering the address manually in your browser, or searching Google for the legitimate address, is also an option. Things are more clear-cut with documents and attachments: just say no. Thanks, but no. Unless you are expecting the item and it is from a highly trusted source.