Skip to content
Skip to main content

About this free course

Share this free course

Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)
Gamified Intelligent Cyber Aptitude and Skills Training (GICAST)

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

1.3 Cyber security attacks and phishing

This section is part of the amber and green pathways.

Download this video clip.Video player: ou_futurelearn_cyber_security_vid_1046.mp4
Copy this transcript to the clipboard
Print this transcript
Show transcript|Hide transcript
Interactive feature not available in single page view (see it in standard view).
This bar chart shows the percentages of businesses and charities that have identified a breach of attack in the last 12 months.
Figure 7 Types of attack/breach identified by organisations

The nature of cyber attacks has changed since 2017 (see Figure 5). Over this period, there has been a rise in businesses experiencing phishing attacks (from 72% to 86%), a fall in viruses or other malware (from 33% to 16%), and a fall in ransomware (from 17% to 8%) (DCMS, 2020). Let’s now look a little into what phishing is.


It may be surprising that many cyber security breaches do not result from technical failures. In fact, it is commonplace for attackers to exploit the goodwill and trust of people to gain access to systems, using a form of attack that is known as ‘social engineering’. Pretending to be technical support personnel or crafting emails that ask for usernames and passwords are common forms of social engineering attacks. You may have heard the term ‘phishing’ used to describe these kinds of emails. Phishing is a form of social engineering. In the video, course guide Cory explains how it happened to him.

In the next section you’ll find out about three high profile cyber security breaches.