The prevalence of firewalls and anti-virus software has closed many of the common attack vectors that cyber criminals use to gain unauthorised access to networks and to bypass online security. For this reason, attacks increasingly rely on fooling users into allowing access to systems: legitimate-looking emails that easily clear the common-sense hurdle can hide malware and well-planned hacking attacks.
Even with the necessary protections in place, it is surprisingly easy to “spoof” an address, with a form field that looks correct in every way; except for the fact that the sender is not who it appears to be. Most users will think twice about opening an attachment sent by an unknown sender, but if the attachment appears to be from a colleague the usual caution is sometimes left by the wayside.