These are the people most likely to fall victim to a phishing attack

As cybercriminals leveraged the pandemic to send out 18m daily malware and phishing emails at its peak, Google was busy trying to protect Gmail users from cyber threats over the course of last year.

In an effort to better understand why some users are more heavily targeted by phishing emails and malware, the search giant teamed up with researchers at Stanford University to study over a billion malicious emails and their intended targets.

By aggregating and analyzing all of the malicious campaigns blocked by Gmail over a five-month period, Google found that users in the US were the most popular targets (42%), followed by the United Kingdom (10%) and Japan (5%). The study also revealed that most cybercriminals don't localize their efforts and instead use the same English email templates for users in multiple countries.

At the same time, Google and Stanford University found that the attackers and botnets distributing phishing and malware emails rely on fast campaigns that last from just one day to three days on average. In a single week, these small-scale campaigns accounted in aggregate for over 100m phishing and malware emails targeting Gmail users worldwide.

Heightened risk

In addition to analyzing how the cybercriminals behind phishing and malware campaigns operate, Google also analyzed what factors put a user at higher risk of an attack. 

To do this, the company created a model that used an anonymization technique called “k-anonymity” to ensure any risk trends identified applied to a broad group of similar users. The likelihood of receiving a phishing or malware email in a given week was modeled as a function of geographic location, demographics, security posture, device access and prior security incidents.

The model found that users whose emails or personal details were exposed in a previous third-party data breach were five times more likely to be targeted by phishing or malware. Where you live also affects risk: Australian users were two times more likely to be targeted than users in the US, even though the US is the most popular target by volume (though not per capita). Age plays a role as well: users between 55 and 64 are 1.64 times more likely to be targeted than 18 to 24-year-olds.

Finally, the study found that mobile-only users are 0.80 times less likely to experience an attack compared to multi-device users. However, this may stem from socioeconomic factors related to device ownership and from attackers targeting wealthier groups.

To protect yourself from malware and phishing emails, Google recommends that users complete a Security Checkup, enroll in its Advanced Protection program and consider signing up for Google Workspace for its advanced phishing and malware protection, which is turned on by default.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.