Recognizing and Reporting Phishing

xkcd comic about Phishing.

Recognizing and reporting phishing is crucial for individuals and organizations to protect themselves from cyber-criminals. Here are the reasons why it is important:

A toy anonymous member at a computer.
  1. Security: Phishing attacks aim to steal sensitive information, such as usernames, passwords, credit card numbers, or other personal data. By being able to identify phishing attempts, individuals can protect themselves and their accounts from unauthorized access.
  2. Financial Loss: Phishing attacks can lead to significant financial loss for individuals and organizations. Cybercriminals may use stolen information to access bank accounts, make fraudulent purchases, or engage in identity theft. By reporting phishing attempts, the authorities can take action to investigate and potentially stop these fraudulent activities.
  3. Identity theft: Phishing attacks often involve attempting to obtain personal information to assume someone else’s identity. This can result in serious consequences, including damage to credit scores, reputation, and financial stability. Reporting phishing attacks can help prevent identity theft and protect individuals’ personal and financial well-being.
  4. Preventing further attacks: Reporting phishing attempts can help security professionals understand the latest tactics and techniques used by cyber-criminals. By sharing this information, they can then take proactive measures to prevent future attacks and protect others from falling victim to similar scams.
  5. Protecting online communities: Phishing attacks not only target individuals but also organizations, communities, and even entire industries. By reporting phishing attempts, individuals can contribute to the safety of the overall online community by alerting others to potential threats and promoting cybersecurity awareness.

In summary, recognizing and reporting phishing attempts is vital for maintaining personal, financial, and online security. By doing so, individuals can protect themselves, help prevent financial loss and identity theft, and contribute to the overall efforts in combating cybercrime.

Phishing, we’ve heard of it, but what does it mean? In summary, it is a tool and method attackers use to try and coerce people into clicking on a malicious site or download, potentially leading to a security issue. Ransomware is an especially dangerous consequence of falling for a phishing attempt. Ransomware is software that locks down data by encrypting it and won’t be unlocked through decryption until a ransom is paid.

To protect yourself from ransomware:

  1. Be wary of suspicious emails and look for the signs.
  2. Make sure your antivirus software is up to date and running. It’ll help stop the ransomware in its tracks.
  3. If ransomware is installed, then if you’ve backed up your data, you may be able to ignore the threat and restore the data.

Unfortunately, in many cases and especially for large enterprises, the cost of the ransom is significantly less than the cost to restore the data, even if it’s backed up. Therefore, the first and second layers of protection are critical.

Phishing Statistics

* Data sourced from Forbes Advisor

Top 10 States Most Affected by Phishing Scams

The following table shows the 10 states that are more affected by phishing scams. This considers the prevalence of phishing scams and the growth in the number of phishing scams since 2018. It includes the number of victims per capita (100,000 residents), financial losses of the victims and the change in the amount of financial loss per capita between 2018 and 2022. This provides a complete picture of how phishing scams statistically impact each state.

The state that is overall the most affected by phishing scams is Nevada. It has the third-highest rate of phishing victims per capita behind the District of Columbia (D.C.) and Wisconsin and the third-highest financial loss to phishing per capita, behind Arkansas and New Hampshire, respectively. Interestingly, its change in the financial loss since 2018 increased by 207%—the 11th-highest increase in the nation—indicating that despite its prevalence, phishing scams are increasingly lucrative for scammers targeting residents of the “Silver State.”

Behind Nevada is the District of Columbia as the second-most affected state in the country by phishing. The nation’s capital had the highest number of phishing victims per capita and the ninth-highest financial loss to phishing at $25,562 per 100,000 residents—about double the national average of $12,879. Unlike Nevada, the average financial loss has dropped since 2018 by nearly 40%. Yet, D.C. still experienced one of the nation’s highest financial losses per capita.

The third state most affected by phishing is New Jersey. While New Jersey has a relatively average rate of phishing victims at the 20th highest in the nation, it had the eighth-highest number of phishing attacks, accounting for an average financial loss of $30,779—the sixth highest in the country and 82% above the national average.

Top 10 states most affected overall by phishing scams:

  1. Nevada
  2. District of Columbia
  3. New Jersey
  4. California
  5. New York
  6. Florida
  7. New Hampshire
  8. Washington
  9. Illinois
  10. Wyoming
wdt_ID Rank State Overall Score Out of 100 Number of Phishing Victims per 100,000 Residents Percent Change in Number of Victims (2018-22) Financial Loss to Phishing per 100,000 Residents
1 1 Nevada 100 13.58 29.00% 37.48
2 2 District of Columbia 91 25.42 -29.46% 25.56
3 3 New Jersey 86 6.15 -12.98% 30.78
4 4 California 83 5.20 -25.97% 37.28
5 5 New York 82 5.29 -11.47% 17.28
6 6 Florida 80 5.59 -22.62% 17.03
7 7 New Hampshire 76 4.75 -18.52% 47.48
8 8 Washington 75 5.29 -18.20% 10.77
9 9 Illinois 75 5.57 20.68% 7.36
10 10 Wyoming 74 4.84 -17.65% 14.70

States That Lost the Most Amount of Money to Phishing Scams

Arkansas had an astounding average financial loss to phishing scams at $80,318 per capita—a 2,609% increase from 2018. However, what’s interesting about Arkansas is that despite its very high amount of losses, it actually has a lower-than-average number of phishing attacks per capita with just 3.67 attacks per 100,000 residents. So while Arkansas experiences fewer phishing attacks compared to the average state in the U.S., its losses are six times higher than the national average.

The state with the second-highest losses to phishing scams is New Hampshire with an average loss of $47,477. Not surprisingly, this was a major contributing factor as to why New Hampshire is one of the most affected states in the nation by phishing scams—which is also the case for Nevada, which ranks as the number one most affected state with losses of $37,478.

Unlike New Hampshire and Nevada, D.C. wasn’t just amongst the states with the highest losses—it also had the highest number of phishing victims per capita. On top of that, D.C. also experienced the highest number of phishing attacks per capita with over five times the number of phishing scams per capita than the national average. This indicates that the nation’s capital is something of a target for phishing scams.

On the other hand, while North Dakota had the 10th-highest average losses to phishing at $24,010—nearly double the national average—it experienced about half the number of phishing attacks per capita compared to the average state. It also has a lower-than-national-average rate of phishing victims per capita. So, while residents of the Peace Garden State do not experience a large volume of phishing scams or have a high number of victims, they are, statistically, more likely to lose more money than average in the rare instances where they do become a victim.

States with the highest average losses to phishing attacks:

  1. Arkansas, $80,318.46
  2. New Hampshire, $47,477.38
  3. Nevada, $37,478.13
  4. California, $37,281.46
  5. Montana, $31,993.32
  6. New Jersey, $30,779.04
  7. Utah, $28,757.73
  8. Connecticut, $26,092.99
  9. District of Columbia, $25,562.25
  10. North Dakota, $24,010.26
  11. Hawaii, $22,676
  12. Louisiana, $22,330
  13. Kentucky, $19,509
  14. New York, $17,284