Connect with us

Hi, what are you looking for?

HEADLINES

Phishing attacks on employees increased in 70% of organizations during pandemic – Sophos

The vast majority (70%) of all IT teams said the number of phishing emails hitting their employees increased during 2020. This rose to 82% of IT teams in organizations that had been struck by ransomware during the year.

Photo by Jon Moore from Unsplash.com

Sophos published “Phishing Insights, 2021,” which looks at the experience and understanding of phishing in organizations around the world during 2020. 

The results show that phishing attacks targeting organizations ramped up considerably during the pandemic, as millions of home-working employees became a prime target for adversaries.

The vast majority (70%) of all IT teams said the number of phishing emails hitting their employees increased during 2020. This rose to 82% of IT teams in organizations that had been struck by ransomware during the year.

Other highlight findings from the research include:

Advertisement. Scroll to continue reading.
  1. IT professionals can’t agree on a single definition of phishing. The most common understanding of phishing, selected by 57% of respondents, is “emails that falsely claim to be from a legitimate organization, usually combined with a threat or request for information.” Forty-six percent consider Business Email Compromise (BEC) attacks to be phishing, and more than one-third (36%) think threadjacking (when attackers insert themselves into a legitimate email thread as part of an attack) is phishing.
  2. Most (90%) organizations run cybersecurity awareness programs to address phishing. However, in the light of the survey results, phishing awareness and education programs need to consider the wide range of perceived phishing definitions and include training for non-technical employees that explain the different facets of phishing and email attacks in general.

Chester Wisniewski, principal research scientist at Sophos, said: “Phishing has been around for over 25 years and remains an effective cyberattack technique. One of the reasons for its success is its ability to continuously evolve and diversify, tailoring attacks to topical issues or concerns, such as the pandemic, and playing on human emotions and trust.

“The temptation for organizations can be to see phishing attacks as a relatively low-level threat, but that underestimates their power. Phishing is often the first step in a complex, multi-stage attack. According to Sophos Rapid Response, attackers frequently use phishing emails to trick users into installing malware or sharing credentials that provide access to the corporate network. The team has seen at first-hand how a seemingly innocuous email can ultimately lead to a multi-million-dollar ransomware attack. Cryptojacking, data – and even financial – theft are all potential outcomes after a phishing attack has opened a door for adversaries. 

“The ideal would be to prevent phishing emails from ever reaching their intended recipient. Effective email security solutions can go a long way towards achieving this, but this should be complemented by alert and primed employees who are able to spot and report suspicious messages before they get any further.”

Advertisement
Advertisement
Advertisement

Like Us On Facebook

You May Also Like

HEADLINES

Statistics from the cybersecurity company show that the top five applications young Pinoy kids are spending time most on are YouTube (26.46%), TikTok (16.75%)...

HEADLINES

Sophos is the only vendor named a Customers’ Choice in both the 2022 Voice of the Customer: Network Firewalls and 2021 Voice of the...

HEADLINES

While ransomware remains a prominent threat, with two-thirds (64%) of companies already having suffered an attack, paying ransom seems to be perceived by executives...

HEADLINES

Kaspersky experts are always keeping an eye on ransomware groups’ activities and on Anti-Ransomware Day have released a report covering new ransomware trends spotted...

Laptops

The introduction of the ASUS Vivobook Pro 15 OLED (M3500) was a welcome development especially for people belonging to the 18 to 30-year old...

HEADLINES

Today there are millions of apps, helping users with almost every aspect of their everyday life – from entertainment to banking and billing. With...

HEADLINES

The country comes second after Thailand, where children are highly exposed to online risks and don't have sufficient skills to cope with cyberthreats.

Biz Solutions

Kaspersky has introduced Endpoint Security Cloud Pro to provide companies with the opportunity to use advanced technologies to secure increasingly complex environments with the...

Advertisement