As digital communication evolves, so do the tactics of cybercriminals. Cybersecurity expert Sebiotimo Abimbola has revealed that in 2024, cybercriminals are developing increasingly sophisticated phishing tactics, posing a growing threat to small businesses. With limited cybersecurity resources compared to larger enterprises, it is crucial for these businesses to stay ahead of these evolving threats. New phishing techniques demand a proactive approach to cybersecurity, making it essential for small business owners, IT professionals, and cybersecurity enthusiasts to take action to safeguard their operations.
According to him “Phishing, a deceptive cyber-attack technique where criminals impersonate legitimate entities to steal sensitive information, has evolved significantly. What once were simple email scams have now become complex schemes involving artificial intelligence (AI), social media, and mobile platforms. The shift to remote work during the COVID-19 pandemic has further exposed vulnerabilities in traditional security measures, making phishing attacks more targeted and sophisticated.”
He further explained: “In 2024, key phishing tactics include email phishing which can be in the form of; spear phishing, Business Email Compromise (BEC), and Quishing (QR code phishing). Other key tactics are vishing (voice phishing), and smishing (SMS phishing). Email phishing remains the most prevalent, with cybercriminals leveraging Artificial Intelligence (AI) to craft highly convincing messages that are difficult to detect, this level of customization makes these attacks difficult to identify and often bypass traditional security measures. Vishing has become more convincing due to advances in voice technology, including deepfakes, while smishing targets the widespread use of smartphones and messaging apps. Additionally, cybercriminals are increasingly exploiting cloud services and Internet of Things (IoT) devices, taking advantage of businesses’ reliance on these platforms for their operations.”
He, however, proffered solutions to combat these emerging digital threats, while also reflecting on real life experiences at his previous employments at Motormata and Alerzo. Small businesses must implement robust cybersecurity measures like a zero-trust approach. This approach includes enforcing the use of access control mechanisms like Role Based Access Control (RBAC) and multifactor authentication (MFA) for all access attempts, micro-segmenting networks to give only authorized users access, continuous monitoring, and continuous user education and security awareness programs. He also added that these businesses can employ spam filters and verify requests for sensitive information through secondary means. By integrating these advanced security technologies and fostering a culture of security awareness, small businesses can strengthen their defenses against the evolving landscape of phishing attacks in 2024.