Don't Underestimate The Impact Of Phishing

Uploaded on 2018-11-16 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Hackers

A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don't fully understand the risks or how widespread the threat is.

The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.

Only five percent of respondents realise that phishing is the at the start of over 90 percent of successful breaches. In fact, phishing is one of the most used and most successful attack vectors, but despite multi-level security controls and phishing awareness training for employees, most organizations remain unaware of their increasing vulnerability to these threats.

While phishing attacks are often linked with emails, phishing attack vectors are expanding beyond email to other attack vectors including adverts, search results, pop-ups, social media, IM and chat applications, as well as rogue browser extensions and apps.

Over half of respondents to the survey named the growing number of phishing attack vectors beyond email as a top three concern.

"Phishing tactics have evolved to using very fast-moving phishing sites and phishing attack vectors that evade existing security controls. And with such legitimate-looking phishing sites manipulating users, there is little to protect employees, not even phishing awareness training," says Atif Mushtaq, CEO and founder of SlashNext. 

"The solution involves a phishing detection system that can analyse and detect malicious sites like a team of cybersecurity researchers, but do it in real-time to protect users."

Among other findings 77 percent mistakenly think they currently have technologies that provide real-time phishing site detection capabilities. 

Yet 37 percent cite the inability of their current defenses to reliably detect phishing attacks as a top concern. 45 percent believe they experience 50 or more phishing attacks per month, while 14 percent believe they experience more than 500 phishing attacks per month.

Nearly two-thirds of respondents (64 percent) say shortfalls in employee awareness and training are their top concern for protecting workers against social engineering and phishing threats.

BetaNews:

You Might Also Read:

How To Avoid Facebook Phishing Scams

« Good News About Voting Security
How Companies Can Minimise Cyber Attack Damage »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Seagate Technology

Seagate Technology

Seagate data storage systems are purpose-built for enterprise and data centre performance, scalability, reliability and security.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

Vitrociset

Vitrociset

Vitrociset design complex systems for defence, homeland security, space and transport. Activities include secure communications and cybersecurity.

AMETIC

AMETIC

AMETIC, is the Association of Electronics, Information and Communications Technologies, Telecommunications and Digital Content Companies in Spain.

CyberProof

CyberProof

CyberProof aims to give clarity and confidence to businesses worldwide using a new risk-based approach to cyber security services.

Cyfirma

Cyfirma

CYFIRMA offers Cyber threat visibility and intelligence suite and services aimed at keeping your organization’s cybersecurity posture up-to-date.

IEEE Cyber Science and Technology Congress (CyberSciTech)

IEEE Cyber Science and Technology Congress (CyberSciTech)

CyberSciTech provides a platform for scientists, researchers, and engineers to share their latest ideas and advances in the broad scope of cyber-related science, technology, and application topics.

WiSecure Technologies

WiSecure Technologies

WiSecure Technologies aims to develop cryptographic products meeting requirements in the new economic era.

Haven Group

Haven Group

Haven Group and its companies are a cyber security one-stop-shop for our clients offering a full range of cyber security services to our clients in a unified and united way.

Onesecure Asia

Onesecure Asia

ONESECURE Asia’s expertise and services are built around its mission to provide reliable, robust and scalable technology solutions to cater for its customers’ needs.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.

Permiso Security

Permiso Security

Permiso combines industry leading Identity Security Posture Management with Identity Threat Detection and Response, leaving no place to hide for identity threats lurking in your environment.

Ark Infotech

Ark Infotech

Ark Infotech is a provider of cloud management services, selective support services, and technology solutions.

CyberUpgrade

CyberUpgrade

CyberUpgrade is on a mission to empower executives to gain control over their organization’s cybersecurity.