More than 500 million phishing emails show up in our inboxes every day. While this number pales in comparison to spam, which accounts for almost 70% of all email traffic, spam is mainly a nuisance, whereas phishing can lead to costly security breaches.
Phishing attacks, which use highly targeted emails to induce users to divulge passwords or use malware, have resulted in direct financial losses of several billion dollars per year in the US alone. This is just the tip of the iceberg, as more targeted ‘spear phishing’ attacks can lead to potentially devastating security breaches, loss of sensitive data, and significant financial losses.
Most anti-spam and antivirus vendors have repurposed their filters to also catch phishing emails. They rely primarily on blacklists of malicious URLs, which are typically manually vetted to minimize the number of legitimate sites flagged. But these lists are always a step behind the bad guys, lagging by at least several hours and sometimes days. During that time, spam filters fail to detect many phishing emails, and browsers, which rely on these same blacklists, do not flag many of the malicious websites to which phishing victims are directed.
This lag can be a serious problem because studies have shown that during work hours, half of users who fall for phishing attacks read their email within two hours of the time it reaches their inbox. Ninety percent read their email within eight hours of receiving it. In other words, a lag in updating blacklists by just a few hours can be devastating.