Cyber Security Awareness Month 2023

Were you aware that a cyber-attack happens every 36 seconds¹ or that global cybercrime costs are predicted to hit $10.5 trillion annually by 2025²? I certainly wasn’t! 95% of security breaches³ are due to human errors. This underscores the current significance of cyber security awareness. As October marks Cyber Security Awareness Month, let’s explore the advancements in security and awareness over the years and pinpoint the essential steps for enhancement.

What is Cyber Security Awareness Month? 

In the early days of the internet, cyber security often took a back seat. Both individuals and organisations were somewhat oblivious to potential hazards, making the digital realm akin to the wild west regarding vulnerabilities. However, as technology evolved, the imperative for cyber security consciousness grew. Through the years, we’ve seen considerable strides in security education. 

Cyber security awareness initiatives have multiplied, enlightening people and businesses on the necessity of safeguarding their digital assets. The public is now better versed in the perils of cyber threats, realising the value of strong passwords, timely software updates, and prudent online habits. But let’s delve deeper into a particular facet of cyber security: phishing, with a special focus on its underlying psychology. 

A basic example: “Dear customer, Bank of America is closing your bank account. Please enter your PIN at Bankofamerica.com/XCJBM4S5 to keep your account active.” Recognise this format? Chances are, you’ve encountered such a message before. What makes these messages so potent as phishing tactics? The frequency of phishing attacks is increasing, with half of all emails dispatched in 2021 identified as phishing emails⁴.

Why phishing attacks work so well 

Phishing attacks trick people by appearing as trusted messages or websites. They exploit our trust and sometimes scare us into taking action quickly. Let’s look at why these scams are so effective. 

Urgency 

  • Phishing attacks often manipulate our innate desire to act urgently when confronted with alarming or enticing news. The language used in these emails or messages is carefully crafted to create a sense of stress that impairs decision-making. It’s not uncommon for potential victims to overlook typical phishing red flags due to their focus on the message’s perceived urgency. 

The power of stress 

  • Stress significantly impacts our decision-making processes, often leading us to prioritise potential gains over potential losses. Scammers exploit this vulnerability by crafting messages designed to raise stress levels. Victims are then forced to choose between responding immediately to resolve the situation or taking a moment to assess the message’s legitimacy. 

Trust and credibility 

  • It’s human nature to have an inherent trust in authoritative figures. Phishing attempts capitalise on this tendency by impersonating trusted entities, such as financial institutions or government bodies. When people receive an email that appears to be from a credible source, they become more susceptible to complying with requests for sensitive information. 

How to Recognise Phishing Attacks  

To spot phishing attacks, it’s crucial to recognise the language cues that drive recipients to respond hastily. Keep an eye out for the following: 

  • Deadlines and time sensitivity
    Phishing messages may claim that you have only 12 hours to respond or that your account will be suspended within a day. These fake short deadlines are meant to increase the chances of falling victim to the scam. 
  • Scarcity
    Scammers may create a sense of urgency by suggesting that only a few gift cards are left or that a limited number of people have already taken advantage of an offer. This tactic makes the product or service appear in high demand, enhancing the scam’s appeal. 
  • Quick fixes
    By urging users to click a link or button immediately, scammers leave less time for critical thinking. The links in phishing emails or texts are designed to extract personal or banking information as swiftly as possible. 

 As awareness of phishing attacks grows, scammers use increasingly plausible scenarios to deceive recipients. Gone are the days of foreign princes in desperate need of money. Today, phishing emails may claim your parcel can’t be delivered, offer discounts on energy bills, or claim to be your relative with a new number. 

Common features of generic phishing scams
 

Typical phishing attempts often include the following features: 

  • Well-known brand names (PayPal, Tesco, McAfee, Chamber of Commerce, etc.). 
  • Generic yet urgent tasks, such as scheduling a COVID test, reshipping a parcel, or updating customer information. 
  • Offers that seem too good to be true, such as promises of a new phone, a free holiday, or unexpected Bitcoin deposits. 
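The language cues and brand names listed above can be turned into a simple triage check for a shared mailbox or reporting inbox. The sketch below is an added example, not part of the original article: the category names, the regular expressions, the threshold and the sample messages are assumptions constructed for illustration.

```python
import re

# Cue categories taken from the lists above; the regexes themselves are
# illustrative assumptions, not an exhaustive or vendor-supplied rule set.
CUES = {
    "deadline": [
        r"\bonly\s+\d+\s+hours?\b",
        r"\bwithin\s+(?:\d+|a|one)\s+(?:hours?|days?)\b",
        r"\bwill\s+be\s+(?:suspended|closed)\b",
        r"\bis\s+closing\b",
    ],
    "scarcity": [
        r"\bonly\s+(?:a\s+few|\d+)\b.*\bleft\b",
        r"\blimited\s+(?:number|time|offer)\b",
    ],
    "quick_fix": [
        r"\b(?:click|tap)\s+(?:here|the\s+(?:link|button))\b",
        r"\b(?:enter|confirm|verify|update)\s+your\s+(?:pin|password|details|account)\b",
    ],
    "brand": [r"\b(?:paypal|tesco|mcafee|bank\s+of\s+america)\b"],
}

def phishing_cues(text):
    """Return {category: [matched phrases]} for each cue category that fires."""
    lowered = text.lower()
    hits = {}
    for category, patterns in CUES.items():
        found = [m.group(0) for p in patterns for m in re.finditer(p, lowered)]
        if found:
            hits[category] = found
    return hits

def triage(text, threshold=2):
    """Flag a message for manual review when `threshold` or more categories fire."""
    hits = phishing_cues(text)
    return {"flag": len(hits) >= threshold, "categories": sorted(hits), "hits": hits}

# Constructed samples; the first is the message quoted earlier in the article.
SAMPLES = [
    "Dear customer, Bank of America is closing your bank account. Please enter "
    "your PIN at Bankofamerica.com/XCJBM4S5 to keep your account active.",
    "You have only 12 hours to respond or your PayPal account will be suspended "
    "within a day. Click the link to verify your account.",
    "Hi team, the minutes from Tuesday's meeting are attached. Let me know if "
    "anything is missing.",
    "Only a few gift cards left! Tap here to claim yours.",
]

if __name__ == "__main__":
    for msg in SAMPLES:
        result = triage(msg)
        print(result["flag"], result["categories"], "|", msg[:50])
```

A message written to look like routine business correspondence will not trip these cues, so a clear result is a reason to keep reading carefully, not evidence that the message is legitimate.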

Spear phishing attacks
 

Spear phishing attacks, which are targeted at specific individuals, businesses, or charities, often mimic regular business emails from customers or co-workers. They may request the completion of a form or seek assistance with a task. These attacks are designed to appear as mundane as possible, making them a potent threat to anyone within an organisation. 

So…
 

In conclusion, understanding the urgent language and tactics used in phishing attacks is essential for staying safe in our digitally connected world. By recognising these signs, we can better protect ourselves from falling victim to scams. Remember, vigilance and a cautious approach to online messages are your best defences against phishing attempts. 

As we commemorate Cyber Security Awareness Month, it’s a prime opportunity to reflect on the importance of cyber security education. The month serves as a reminder that, while technology and threats evolve, so too must our knowledge and strategies for safeguarding our digital lives. It underscores our collective responsibility in ensuring a safer digital community for everyone. 

Are you interested in more information about cyber security? Read our blog about minimising cyber risks for remote workers.

 

Sources 

1 https://earthweb.com/how-often-does-cybercrime-happen/

2 https://www.forbes.com/sites/forbestechcouncil/2023/02/22/105-trillion-reasons-why-we-need-a-united-response-to-cyber-risk/

3 https://cybernews.com/editorial/world-economic-forum-finds-that-95-of-cybersecurity-incidents-occur-due-to-human-error/

4 https://earthweb.com/how-many-phishing-emails-are-sent-daily/