Getting Out Of The Phish Net: How To Turn People Into Your Greatest Asset

At PhishCloud we believe that people are vital in helping prevent phishing. These are some of the reasons why we have a different approach.

In 2018 alone, 83% of people received phishing emails

  • 64% of businesses experience phishing attacks

Why It’s Tough To Spot A Fake

49% of hackers prefer to exploit human nature, not tech

  • Social engineering attacks are on the rise — more than doubling from 2013-2018

  • Why isn’t looking out for red flags enough?

  • 384 billion emails are sent everyday ー 85% are spam

  • In 2018, 8 in 10 people experienced a phishing attack

  • Many Employees Are Left In The Dark

  • 2 in 3 consumers have received phishing emails

  • 1 in 3 have been compromised

  • had a computer infected with a virus or malware

  • been notified their account was compromised

  • had a social media or email account hacked

  • Phishing victims experienced

  • Compromised accounts: 65%

  • Malware infections: 49%

  • Loss of data: 24%

  • Businesses lose nearly $2 million per incident, but that’s not all

  • Decreased productivity: 67%

  • Data loss: 54%

  • Reputation damage: 50%

1 in 3 consumers will stop using a business after a security breach

Social Engineering 101

  • 72% of employees report that protecting themselves from email attacks has become more difficult since 2016

  • The Psychology of Phishing | What do we fall for?

  • Toll Violation Notification | Why? Creates a sense of urgency

  • Invoice Payment Required | Why? Mimics realistic personalized messages

  • Updated Building Evacuation Plan | Why? Preys upon fear with need-to-know info

  • BUT phishing attacks can even come unseen

  • Formjacking

  • When website forms are hacked to collect private user information

  • Typically used to steal credit card and payment details from checkout pages

  • Formjacking represents a serious threat for both businesses and consumers” Greg Clark, CEO of Symantec

  • Ransomware

  • When hackers lock a device and demand ransom to release data

  • Large businesses, government agencies, law firms, and banks are among the main targets | Why? For their secure information and access to large funds

  • 77% of successful social engineering attacks start with a phishing email — How can you protect your business?

  • Cybersecurity That Works: Why You Need People, Not Just Tech

  • Annual Training Is Not Enough

  • 95% of infosec professionals train employees to identify phishing attacks

  • Despite annual training, 35% of employees don’t know what “phishing” means

  • 1 in 10 have clicked a link in a phishing email

  • Current Phishing Solutions Alone Aren’t Scalable

  • Common Practice: Have employees forward suspicious emails to IT

  • The Problem: Of all emails flagged by employees, just 15% are actually malicious — and many malicious emails fall through the cracks

  • People learn better through practice & reinforcement

  • Over half of infosecurity professionals believe training has reduced phishing susceptibility

  • 76% of professional phishing victims receive additional counseling from a manager rather than negative consequences

  • 74% of hackers say they’re rarely impressed by an organization’s security measures]

  • The Key To Security Is People

  • Training employees to spot phishing attacks

  • Give them feedback on their effectiveness

  • Get everyone involved in protecting the company

  • In 2018, 93% of security breaches involved phishing* scams

The Internet is full of dark alleys — Teach your employees to shine a light in the dark