Phishing Is The Top Cyberattack Vector In 2017

Of all attack vectors, phishing remains the most commonly exploited, and accounts for 90% to 95% of all successful cyberattacks worldwide.

According to the IRONSCALES 2017 Email Security Report, culled from an online survey of 500 cybersecurity professionals, employees are most often victims of spoofing and impersonation (67%), followed by branded (35%) and seasonal attacks (31%).

Malicious emails continue to easily bypass legacy spam filters, firewalls and gateways through increasingly sophisticated CEO fraud and brand spoofing campaigns.

Further, due to human nature, unaware or preoccupied users, even those actively engaged in an awareness training program, are easily lured into downloading an attachment or clicking on a malicious email link to inadvertently provide attackers with access to sensitive corporate networks and data.

Even when detected, nearly half of organisations (46%) reported that it takes a day or longer to remove phishing emails from endpoints once a phishing attack is reported to the security team, largely due to a lack of manpower.

Accordingly, about three-quarters (72%) of security professionals said they believe automated inbox scanning and email forensics are the most valuable email security technology; and 93% of respondents agree that humans and technology need to work side-by-side in order to better detect and respond to sophisticated email phishing attacks.

On the flip side, almost a quarter (22%) said they could remove them within 30 minutes.

“When time is of the essence, as it is with stopping and minimising phishing attacks, the integration of human intelligence with technology significantly and effectively expedites prevention, detection and response,” said Eyal Benishti, founder and CEO of IRONSCALES.

“With email phishing attacks proliferating in frequency and complexity, it’s positive to find that cybersecurity professionals are beginning to recognise human-machine collaboration as an essential component of their organisations’ phishing response and email security strategies.”

Infosecurity:

You Might Also Read

A New Approach To Combat Phishing:

The New Face of Cybersecurity:

 

« Social Media & 21st-Century Warfare
Criminalised: Watching Terrorist Propaganda Online »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CoSoSys Endpoint Protector

CoSoSys Endpoint Protector

Endpoint Protector by CoSoSys is an advanced all-in-one DLP solution for Windows, macOS, and Linux, that puts an end to unintentional data leaks and protects from malicious data theft.

Versasec

Versasec

Versasec is a leader in identity and access management, providing customers with security solutions for managing digital identities.

Atlantic Council

Atlantic Council

The Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.

Conix

Conix

Conix offerings include Governance and Risk Management, Auditing and Penetration Testing, Digital Forensics, Managed Security Operations Centre (SOC).

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer Institute for Secure Information Technology (SIT)

Fraunhofer SIT is a research centre specialising in all areas of IT security.

Forter

Forter

Forter provides new generation fraud prevention to meet the challenges faced by modern enterprise e-commerce.

Caretower

Caretower

Caretower is one of Europe’s leading value added managed service provider in cyber security.

Secude

Secude

SECUDE is an established global security solutions provider offering innovative data protection for SAP users.

Industrial Cybersecurity Center (CCI)

Industrial Cybersecurity Center (CCI)

CCI is the first center of its kind that comes from industry without subsidies, independent and non-profit, to promote and contribute to the improvement of Industrial Cybersecurity.

Sequretek

Sequretek

Sequretek was formed with the aim to “Simplify Security”. We envision a future where enterprise networks are streamlined, secure and simple.

Cloud Box Technologies

Cloud Box Technologies

Cloud Box Technologies is one of the premier IT Infrastructure Solution providers in the Middle East.

Advantex Network Solutions

Advantex Network Solutions

Advantex Network Solutions are a leading provider in Mitel, IT Solutions, Networking, and iP surveillance.

Venari Security

Venari Security

Venari is an award-winning cybersecurity SaaS provider that has developed an ETA (Encrypted Traffic Analysis) platform which fundamentally changes the way encrypted traffic is analysed.

eCapital

eCapital

eCAPITAL is a leading venture capital firm that provides early to growth stage funding to technology companies in fields including software & information technology, cybersecurity and industry 4.0.

Evo Security

Evo Security

Evo Security is an Identity and Access Management company focused exclusively on serving MSPs, MSSPs and their SMB and Mid-Market customers.

CyberXpert

CyberXpert

CyberXpert is your cybersecurity partner for the public and private sector in Belgium.