- Get link
- X
- Other Apps
A current study by
Proofpoint shows that three-quarters of companies worldwide were affected by
phishing attacks in 2020.
The cybersecurity and compliance specialist Proofpoint has published the results of its seventh annual “State of the Phish Report”. This makes it clear that phishing is almost omnipresent. More than 75 percent of the 600 or so security experts surveyed from Germany, France, Great Britain, Spain, the USA, Australia, and Japan stated in the course of the study that their company was confronted with widespread phishing attacks in 2020.
The success rate of these attacks has also increased. In 2020, companies were confronted with successful phishing attacks more often then they were in the previous year (57 percent versus 55 percent). In addition, business email compromise attacks (BEC) continue to be a serious problem.
“Cybercriminals around the world continue to target people as vulnerabilities with sophisticated and compelling social engineering. They mainly rely on e-mail as a transport medium for their fraud. This means that email remains the central threat vector, ”said Michael Heuer, Vice President DACH at Proofpoint, commenting on the results. Securing the e-mail channel is undoubtedly a business-critical factor today, he concludes. "This also includes ensuring that users know how to identify and report attempted cyberattacks," added Heuer.
It is therefore particularly important to sensitize employees. Because the survey results reveal a lack of tailor-made training: For example, 90 percent of the security employees surveyed in the USA stated that their company's workforce switched to working from home last year. But only 29 percent trained users on how to work safely from outside the office.
More than Half Pay the Ransom
Proofpoint's “State of the Phish Report” also reflects a global ransomware plague. 66 percent of the companies surveyed were affected by ransomware infections. And more and more companies are deciding to pay the criminals a ransom, despite advice from cybersecurity experts to the contrary. Specifically, more than half of the ransomware-plagued companies decided to pay the ransom.
However, the hope of getting the data back undamaged and complete was not always fulfilled. Because of those who paid the ransom, only 60 percent regained access to their data and systems after the first payment. Also, almost 40 percent were faced with another ransom demand after the first payment - an increase of 320 percent compared to the previous year, 32 percent said that they then decided to also pay the additional ransom demands - an increase of 1,500 percent compared to 2019.
Training Helps
The report also shows this: 80 percent of the companies surveyed stated that training on security awareness could reduce the susceptibility to phishing. But while 98 percent of respondents said their organization has a security awareness training program, only 64 percent offer users really formal training as part of cybersecurity training.
The cybersecurity and compliance specialist Proofpoint has published the results of its seventh annual “State of the Phish Report”. This makes it clear that phishing is almost omnipresent. More than 75 percent of the 600 or so security experts surveyed from Germany, France, Great Britain, Spain, the USA, Australia, and Japan stated in the course of the study that their company was confronted with widespread phishing attacks in 2020.
The success rate of these attacks has also increased. In 2020, companies were confronted with successful phishing attacks more often then they were in the previous year (57 percent versus 55 percent). In addition, business email compromise attacks (BEC) continue to be a serious problem.
“Cybercriminals around the world continue to target people as vulnerabilities with sophisticated and compelling social engineering. They mainly rely on e-mail as a transport medium for their fraud. This means that email remains the central threat vector, ”said Michael Heuer, Vice President DACH at Proofpoint, commenting on the results. Securing the e-mail channel is undoubtedly a business-critical factor today, he concludes. "This also includes ensuring that users know how to identify and report attempted cyberattacks," added Heuer.
It is therefore particularly important to sensitize employees. Because the survey results reveal a lack of tailor-made training: For example, 90 percent of the security employees surveyed in the USA stated that their company's workforce switched to working from home last year. But only 29 percent trained users on how to work safely from outside the office.
More than Half Pay the Ransom
Proofpoint's “State of the Phish Report” also reflects a global ransomware plague. 66 percent of the companies surveyed were affected by ransomware infections. And more and more companies are deciding to pay the criminals a ransom, despite advice from cybersecurity experts to the contrary. Specifically, more than half of the ransomware-plagued companies decided to pay the ransom.
However, the hope of getting the data back undamaged and complete was not always fulfilled. Because of those who paid the ransom, only 60 percent regained access to their data and systems after the first payment. Also, almost 40 percent were faced with another ransom demand after the first payment - an increase of 320 percent compared to the previous year, 32 percent said that they then decided to also pay the additional ransom demands - an increase of 1,500 percent compared to 2019.
Training Helps
The report also shows this: 80 percent of the companies surveyed stated that training on security awareness could reduce the susceptibility to phishing. But while 98 percent of respondents said their organization has a security awareness training program, only 64 percent offer users really formal training as part of cybersecurity training.
Not least because of this, Proofpoint's “ State of the Phish Report 2021 ” includes practical
tips and comprehensive analysis of the threat landscape in terms of
phishing to reduce the risks for companies.
Install total security and stay relax about phishing attacks.
Comments
Post a Comment