Don't Underestimate The Impact Of Phishing

A new survey of cybersecurity decision-makers shows that most companies lack adequate safeguards against phishing threats and many don't fully understand the risks or how widespread the threat is.

The survey from phishing site detection company SlashNext reveals that 95 percent of respondents underestimate how frequently phishing is used at the start of attacks to successfully breach enterprise networks.

Only five percent of respondents realise that phishing is the at the start of over 90 percent of successful breaches. In fact, phishing is one of the most used and most successful attack vectors, but despite multi-level security controls and phishing awareness training for employees, most organizations remain unaware of their increasing vulnerability to these threats.

While phishing attacks are often linked with emails, phishing attack vectors are expanding beyond email to other attack vectors including adverts, search results, pop-ups, social media, IM and chat applications, as well as rogue browser extensions and apps.

Over half of respondents to the survey named the growing number of phishing attack vectors beyond email as a top three concern.

"Phishing tactics have evolved to using very fast-moving phishing sites and phishing attack vectors that evade existing security controls. And with such legitimate-looking phishing sites manipulating users, there is little to protect employees, not even phishing awareness training," says Atif Mushtaq, CEO and founder of SlashNext. 

"The solution involves a phishing detection system that can analyse and detect malicious sites like a team of cybersecurity researchers, but do it in real-time to protect users."

Among other findings 77 percent mistakenly think they currently have technologies that provide real-time phishing site detection capabilities. 

Yet 37 percent cite the inability of their current defenses to reliably detect phishing attacks as a top concern. 45 percent believe they experience 50 or more phishing attacks per month, while 14 percent believe they experience more than 500 phishing attacks per month.

Nearly two-thirds of respondents (64 percent) say shortfalls in employee awareness and training are their top concern for protecting workers against social engineering and phishing threats.

BetaNews:

You Might Also Read:

How To Avoid Facebook Phishing Scams

« Good News About Voting Security
How Companies Can Minimise Cyber Attack Damage »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CyTech Services

CyTech Services

CyTech provides Forensics Incident Response, Cyber Security and Training services.

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN)

Cyber Security Experts Association of Nigeria (CSEAN) is a not for profit group of professionals in the field of Information Security in Nigeria and Diaspora.

Konfidas

Konfidas

Konfidas provide high-level cybersecurity consulting and professional tailored solutions to meet specific cybersecurity operational needs.

Security Brokers

Security Brokers

Security Brokers focus services and solutions with a focus on strategic ICT Security and Cyber Defense issues.

Digitronic Computersysteme

Digitronic Computersysteme

Digitronic focus on innovative software to protect your personal and sensitive corporate data.

Dathena

Dathena

Dathena is a company developing data governance software based on machine learning algorithms.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

The CSA aims to educate professionals who wish to contribute to strengthening the digital defensibility of states, organisations and individual citizens.

Stratus Cyber

Stratus Cyber

Stratus Cyber is a premier Cyber Security company specializing in Managed Security Services. Our services include Blockchain Security, Pentesting, and Compliance Assessments.

Britive

Britive

The Britive Platform is a cloud-native security solution built for the most demanding cloud-forward enterprises.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

Noetic Cyber

Noetic Cyber

Noetic provides a proactive approach to cyber asset and controls management, empowering security teams to see, understand, and optimize their cybersecurity posture.

Oasis Technology

Oasis Technology

Oasis Technology are experts in cyber security. In addition to pioneering the game-changing TITAN anti-hacking device, we provide extensive cyber security consulting services.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

Google Cloud

Google Cloud

Accelerate your digital transformation. Whether your business is early in its journey or well on its way to digital transformation, Google Cloud can help solve your toughest challenges.

Piiano

Piiano

Piiano offers developer-friendly privacy and security products. Reduce risk and protect your data by using our specialized security and privacy SaaS tools.