Cyberattacks are an increasingly growing crime. Review these tips for keeping your personal information safe.

Do you know the difference between a vishing and a smishing attack? Cyberattacks are an increasingly growing crime, causing personal and business devastation every day.

As technology – and the schemes to manipulate users – are always evolving, it’s important to stay vigilant online.

What’s the most common type of cyber attack?

According to the government’s Cyber Security Breaches Survey 2024, the most common cyber attack identified is phishing, accounting for 84% of breaches or attacks during the past year.

“Other impersonating attacks” accounted for the second most frequent attack category (36% of breaches), while “Viruses, spyware, or malware” accounted for 16% of breaches.

What’s the difference between phishing and spear phishing?      

Phishing is the attempt to gain usernames, passwords, and credit card numbers by impersonating a trustworthy sender in an email or other digital communication. This might entail disguising their email to look like someone or a company you know or including a link to a fake website to trick you into entering private information.

Unlike generic phishing attempts, spear phishing is tailored to one individual specifically and may mention personal details such as an upcoming trip or a child’s name, for example.

How many different versions of phishing are there?                         

Unfortunately, there’s a growing list of phishing scams. But there are two popular ones to be aware of:

‘Vishing’ is a voice version of phishing. The caller pretends to be from law enforcement, the government or a bank and will try to  uncover personal information by asking the victim questions for “verification” purposes.

‘Smishing’ is an SMS (or text) version of phishing. This could be disguised as an automated alert from a parcel delivery company, PayPal or even your bank.

Next steps: How to protect yourself

Criminals are becoming increasingly more sophisticated with their techniques. You can combat the risk by putting these protections in place:

Be diligent about not sharing information. It might be fun to answer a silly quiz on Facebook, but criminals can use this to gain access to security question answers, like your first dog’s name or the street you grew up on.

Use multifactor authentication to login where possible, which requires two or more authentication factors to access devices, applications, or online accounts.

Browse in “incognito” mode so local search history is not stored, and cookies are blocked.

Use secure passwords that include a mix of uppercase and lowercase letters, numbers, and symbols. Make sure each password is at least 12 characters and doesn’t contain personally identifiable information. Pro tip:Use a password management app to help you create and organise them.

Use a virtual private network (VPN) to create an encrypted connection between your devices and the internet that hides your online activity.

Regularly backup files to a local external server or a cloud server. At least you’d have access to all your files in case of an attack.

Look out for the “s” in “https.” It stands for secure, and it must be there when you’re entering your credit card or banking information to make a purchase. This alone does not mean a site is secure, but it certainly should be a red flag if it is not there.

If you receive a call that appears to be a vishing scam, hang up and dial the company you believe is trying to reach you – for example, your bank – directly.

For more information on keeping safe online, click here for details about the FCA’s ScamSmart initiative.


 Sources: pcmag.com; us.norton.com, https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2024/cyber-security-breaches-survey-2024#chapter-4-prevalence-and-impact-of-breaches-or-attacks

Scroll to Top