At PhishCloud we believe that people are vital in helping prevent phishing. These are some of the reasons why we have a different approach.
In 2018 alone, 83% of people received phishing emails
- 64% of businesses experience phishing attacks
Why It’s Tough To Spot A Fake
49% of hackers prefer to exploit human nature, not tech
-
Social engineering attacks are on the rise — more than doubling from 2013-2018
-
Why isn’t looking out for red flags enough?
-
384 billion emails are sent everyday ー 85% are spam
-
In 2018, 8 in 10 people experienced a phishing attack
-
Many Employees Are Left In The Dark
-
2 in 3 consumers have received phishing emails
-
1 in 3 have been compromised
-
had a computer infected with a virus or malware
-
been notified their account was compromised
-
had a social media or email account hacked
-
Phishing victims experienced
-
Compromised accounts: 65%
-
Malware infections: 49%
-
Loss of data: 24%
-
Businesses lose nearly $2 million per incident, but that’s not all
-
Decreased productivity: 67%
-
Data loss: 54%
-
Reputation damage: 50%
1 in 3 consumers will stop using a business after a security breach
Social Engineering 101
-
72% of employees report that protecting themselves from email attacks has become more difficult since 2016
-
The Psychology of Phishing | What do we fall for?
-
Toll Violation Notification | Why? Creates a sense of urgency
-
Invoice Payment Required | Why? Mimics realistic personalized messages
-
Updated Building Evacuation Plan | Why? Preys upon fear with need-to-know info
-
BUT phishing attacks can even come unseen
-
Formjacking
-
When website forms are hacked to collect private user information
-
Typically used to steal credit card and payment details from checkout pages
-
Formjacking represents a serious threat for both businesses and consumers” Greg Clark, CEO of Symantec
-
Ransomware
-
When hackers lock a device and demand ransom to release data
-
Large businesses, government agencies, law firms, and banks are among the main targets | Why? For their secure information and access to large funds
-
77% of successful social engineering attacks start with a phishing email — How can you protect your business?
-
Cybersecurity That Works: Why You Need People, Not Just Tech
-
Annual Training Is Not Enough
-
95% of infosec professionals train employees to identify phishing attacks
-
Despite annual training, 35% of employees don’t know what “phishing” means
-
1 in 10 have clicked a link in a phishing email
-
Current Phishing Solutions Alone Aren’t Scalable
-
Common Practice: Have employees forward suspicious emails to IT
-
The Problem: Of all emails flagged by employees, just 15% are actually malicious — and many malicious emails fall through the cracks
-
People learn better through practice & reinforcement
-
Over half of infosecurity professionals believe training has reduced phishing susceptibility
-
76% of professional phishing victims receive additional counseling from a manager rather than negative consequences
-
74% of hackers say they’re rarely impressed by an organization’s security measures]
-
The Key To Security Is People
-
Training employees to spot phishing attacks
-
Give them feedback on their effectiveness
-
Get everyone involved in protecting the company
-
In 2018, 93% of security breaches involved phishing* scams
The Internet is full of dark alleys — Teach your employees to shine a light in the dark
Sources:
https://us.norton.com/internetsecurity-emerging-threats-what-is-formjacking.html
https://fortune.com/2017/04/27/facebook-google-rimasauskas/
https://www.paypal.com/us/brc/article/what-is-phishing-or-spoofing
https://www.nuix.com/black-report/black-report-2018
https://www.symantec.com/security-center/threat-report
https://www.infosecurity-magazine.com/news/mps-bombarded-spam-brexit-no-deal/
https://www.talosintelligence.com/reputation_center/email_rep
https://enterprise.verizon.com/resources/reports/2019-data-breach-investigations-report.pdf
https://us.norton.com/internetsecurity-malware-ransomware-5-dos-and-donts.html
Source: phishcloud.com