Among the myriad of tactics employed by cybercriminals, phishing emails continue to reign as one of the most prevalent and effective methods for breaching personal and organizational security.
According to the data presented by the Atlas VPN team, 27% of phishing emails targeting C-Suite employees are sent out on Mondays. While the statistics are based on C-Suite, they should reflect similarly to the general public. Furthermore, the most common payloads attached to phishing emails are hyperlinks or attachments carrying malware.
For a lot of people, Mondays are busy and stressful. As the workweek starts, inboxes get filled with new messages, deadlines, and essential tasks that must be addressed immediately.
Saturdays are the second favorite day for cybercriminals, as one out of five (19%) phishing emails come on this day. Fridays (14%), Tuesdays (13%), and Thursdays (12%) are the next most common days for phishing emails to arrive at your door.
You are the least likely to receive a phishing email on Wednesdays (9%) and Sundays (6%).
Cybersecurity writer at Atlas VPN, Vilius Kardelis, shares his thoughts on phishing attacks:
“Individuals and organizations must take a proactive approach to strengthen their defenses against the evolving and sophisticated landscape of phishing attacks. Ongoing education on robust security measures and promoting a culture of skepticism are necessary to combat the constant and widespread threat of phishing attacks effectively.”
Payloads in phishing attacks
Although we have analyzed the frequency of phishing emails on different workdays, it’s crucial to investigate cybercriminals’ methods to execute their harmful intentions.
Phishing hyperlinks made up 38% of all payloads delivered in phishing attacks sent from compromised accounts. Phishing hyperlinks exploit people’s trust in familiar websites by tricking them into visiting fake ones.
Attachments including malware accounted for 35% of payloads delivered in phishing attacks. Financial payloads made up 16% of phishing attacks sent from compromised accounts. Lastly, phishing attacks using pure social engineering tactics with no payload accounted for 11%.