Forget Hackers, The Biggest Internet Security Threat Is Closer to Home

source: Verizon

High-profile, embarrassing data hacks like the Sony email breach and the Target credit card scandal receive the bulk of the media attention, but there's a bigger threat to Internet security that's much closer to home.

The 2015 Data Breach Investigation Report conducted by Verizon shows that the biggest threat to your private information may actually be you!

Phishing campaigns, which send malicious emails disguised as legitimate correspondence, have become not only more prevalent but also more effective at tricking Internet users into opening them. In past years, the DBIR reported that the overall effectiveness of phishing campaigns was between 10% and 20%. However, in this year's report, the DBIR notes that the trend has worsened "with 23% of recipients now opening phishing messages and 11% clicking on attachments."

Unfortunately, the scammers have become far cleverer with their campaigns, according to the report. These messages are now rarely sent in isolation; many are sent as part of a slow and steady campaign. The numbers again show that a campaign of just 10 emails yields a greater than 90% chance that at least one person will become the criminal's prey.

So how can you protect yourself? The authors of the DBIR take some solace in knowing that Internet users do not open or interact with 75% of phishing emails. In the past, Internet users could simply use common sense to stay safe from predatory email scams, but because today's phishing campaigns use smarter techniques, the report suggested three solutions to limit the problem:

  •   Better email filtering before messages arrive in user inboxes
  •   Developing and executing an engaging and thorough security awareness program
  •   Improved detection and response capabilities

In many cases, however, it's human diligence and not technology that represents the front line of defense. This can be maximized in a business setting.

"One of the most effective ways you can minimize the phishing threat is through effective awareness and training," said Lance Spitzner from the SANS Institute, a cooperative research and education organization, which focuses on security issues. 

Motley Fool:  http://bit.ly/1GMnj81   Verizon: http://vz.to/1GFmIEE
