Don't Underestimate The Impact Of Phishing

Uploaded on 2018-11-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Hackers

A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don't fully understand the risks or how widespread the threat is.

The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.

Only five percent of respondents realise that phishing is the at the start of over 90 percent of successful breaches. In fact, phishing is one of the most used and most successful attack vectors, but despite multi-level security controls and phishing awareness training for employees, most organizations remain unaware of their increasing vulnerability to these threats.

While phishing attacks are often linked with emails, phishing attack vectors are expanding beyond email to other attack vectors including adverts, search results, pop-ups, social media, IM and chat applications, as well as rogue browser extensions and apps.

Over half of respondents to the survey named the growing number of phishing attack vectors beyond email as a top three concern.

"Phishing tactics have evolved to using very fast-moving phishing sites and phishing attack vectors that evade existing security controls. And with such legitimate-looking phishing sites manipulating users, there is little to protect employees, not even phishing awareness training," says Atif Mushtaq, CEO and founder of SlashNext. 

"The solution involves a phishing detection system that can analyse and detect malicious sites like a team of cybersecurity researchers, but do it in real-time to protect users."

Among other findings 77 percent mistakenly think they currently have technologies that provide real-time phishing site detection capabilities. 

Yet 37 percent cite the inability of their current defenses to reliably detect phishing attacks as a top concern. 45 percent believe they experience 50 or more phishing attacks per month, while 14 percent believe they experience more than 500 phishing attacks per month.

Nearly two-thirds of respondents (64 percent) say shortfalls in employee awareness and training are their top concern for protecting workers against social engineering and phishing threats.

BetaNews:

You Might Also Read:

How To Avoid Facebook Phishing Scams

« Good News About Voting Security
How Companies Can Minimise Cyber Attack Damage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

itWatch

itWatch

itWatch is focused on data loss prevention (DLP), endpoint security, mobile security, encryption, and cost reducing solutions for IT operations.

Watchcom Security Group

Watchcom Security Group

Watchcom is one of Norway's foremost suppliers of information security consultancy services.

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

H-11 Digital Forensics

H-11 Digital Forensics

H-11 Digital Forensics is a global leader of digital forensic technology.

Armorblox

Armorblox

Armorblox stops targeted email attacks such as 0-day credential phishing, payroll fraud, vendor fraud, and other threats that get past legacy security controls.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Stage2Data

Stage2Data

Stage2Data is one of Canada’s most trusted cloud solution providers offering hosted Backup and Disaster Recovery Services.

Concordium

Concordium

Concordium aims to build the world’s leading open-source, permissionless, and decentralized blockchain with built-in user identity at the protocol level.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

Appsec Phoenix

Appsec Phoenix

Appsec Phoenix is an end to end vulnerability management platform that focuses on workflows, threat feed, and real time data.

11:11 Systems

11:11 Systems

11:11 Systems synchronizes every aspect of network services for your business. Build your network with the industry’s most trusted expert skills.

FCI

FCI

FCI is a NIST-Based Managed Security Service Provider (MSSP) offering Cybersecurity Compliance Enablement Technologies & Services to Financial Services organizations.

CyAmast

CyAmast

CyAmast is an IoT Network security and analytics company that is changing the way enterprise and governments detect and protect networks from the pervasive threat of cyber attacks.

Robosoft Technologies

Robosoft Technologies

Robosoft Technologies is a full-service digital transformation partner. We provide end-to-end digital transformation services in areas including cybersecurity.

Mitra Informatics Integration (MII)

Mitra Informatics Integration (MII)

Mitra Informatics Integration is the information communication technology solution business of the Metrodata Group.

Tria Federal

Tria Federal

Tria Federal is the premier middle-market Technology and Advisory services provider delivering digital transformation solutions to federal health and public safety agencies.