Phishing Is The Top Cyberattack Vector In 2017

Uploaded on 2017-11-02 in FREE TO VIEW, NEWS-Cybersecurity News

Of all attack vectors, phishing remains the most commonly exploited, and accounts for 90% to 95% of all successful cyberattacks worldwide.

According to the IRONSCALES 2017 Email Security Report, culled from an online survey of 500 cybersecurity professionals, employees are most often victims of spoofing and impersonation (67%), followed by branded (35%) and seasonal attacks (31%).

Malicious emails continue to easily bypass legacy spam filters, firewalls and gateways through increasingly sophisticated CEO fraud and brand spoofing campaigns.

Further, due to human nature, unaware or preoccupied users, even those actively engaged in an awareness training program, are easily lured into downloading an attachment or clicking on a malicious email link to inadvertently provide attackers with access to sensitive corporate networks and data.

Even when detected, nearly half of organisations (46%) reported that it takes a day or longer to remove phishing emails from endpoints once a phishing attack is reported to the security team, largely due to a lack of manpower.

Accordingly, about three-quarters (72%) of security professionals said they believe automated inbox scanning and email forensics are the most valuable email security technology; and 93% of respondents agree that humans and technology need to work side-by-side in order to better detect and respond to sophisticated email phishing attacks.

On the flip side, almost a quarter (22%) said they could remove them within 30 minutes.

“When time is of the essence, as it is with stopping and minimising phishing attacks, the integration of human intelligence with technology significantly and effectively expedites prevention, detection and response,” said Eyal Benishti, founder and CEO of IRONSCALES.

“With email phishing attacks proliferating in frequency and complexity, it’s positive to find that cybersecurity professionals are beginning to recognise human-machine collaboration as an essential component of their organisations’ phishing response and email security strategies.”

Infosecurity:

You Might Also Read

A New Approach To Combat Phishing:

The New Face of Cybersecurity:

 

« Social Media & 21st-Century Warfare
Criminalised: Watching Terrorist Propaganda Online »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Globalscape

Globalscape

Globalscape is a leader in secure data exchange solutions.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

Avatao

Avatao

Avatao is an online training platform for building secure software, offering a rich library of hands-on IT security exercises for software engineers to teach secure programming.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

Intertrust Technologies

Intertrust Technologies

Intertrust Technologies is a software company specializing in trusted computing products and services.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

Absa Cybersecurity Academy

Absa Cybersecurity Academy

Absa Cybersecurity Academy is an initiative aimed at empowering marginalised South African youths to become certified cybersecurity specialists.

Exterro

Exterro

Exterro is a leading provider of e-discovery and information governance software specifically designed for in-house legal, privacy and IT teams at Global 2000 and Am Law 200 organizations.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

DataSolutions

DataSolutions

DataSolutions is a leading value-added distributor of transformational IT solutions in the UK and Ireland.

Armolon

Armolon

Armolon provides comprehensive data breach and cybersecurity, as well cybersecurity audits and certifications, and disaster recovery/business continuity services to clients.

Sonet.io

Sonet.io

Sonet.io is built for IT leaders that want a great experience for their remote workers, while enhancing security and observability.

Cybercentry

Cybercentry

Cybercentry is a specialist information security, data protection and cyber security consultancy.

TrustMe

TrustMe

TrustMe’s integrated platform for business trust and resilience keeps organizations safe, secure, and trustworthy.

CyberNINES

CyberNINES

CyberNINES is a business specializing in helping US Department of Defense contractors become compliant and attest to federal cybersecurity regulation requirements.