How Vulnerable are businesses to phishing attacks?

36
Phishing Attacks

Bad actors are chasing down more system vulnerabilities and data, as most businesses are operating in a scattered manner. Phishing scams are shooting up rapidly.

In light of the pandemic, businesses are operating in a dispersed manner and facing the risk of data loss because of fragile cybersecurity and unprotected data practices. With the global marketplace witnessing a new low, phishing scams are shooting up rapidly. Hence, the business ecosystem is actively taking measures against potential attacks.

Currently, cybercriminals are chasing down more system vulnerabilities and data. The latest cybersecurity statistics and trends reveal that data from different sources, especially IoT devices and mobile, is increasingly targeted and attacked.

Risk-Based Security claimed that in the first half of 2019, over 4.1 billion records were exposed, and the average time required to identify a leak was 206 days. The average loss produced by any data breach is projected at $3.86 million for organizations – as per Ponemon Institute.

Read More: Vishing- the latest version of phishing attack tactics

Globally, cyber-attacks will drive more than $5 trillion in losses in 2021, indicated Juniper Research. Intelligence experts have revealed the registration of several tricky, look-alike domains in the past months. Hence, more business organizations are prioritizing data and assets with full convergence and end to end cybersecurity infrastructure.

Lately, Keepnet Labs has discovered some of the most vulnerable sectors and departments against the widespread phishing attacks. The study is based on a data-set of 410 thousand phishing emails in a period of one year. It was found that nearly 90% of successful cyber-attacks happen via emails.

The email-based cyberattacks use fraudulent and deceptive social engineering techniques – to bypass several security mechanisms and controls. Sadly, 1 out of 8 employees shares the data/information asked in phishing emails. Basically, 1 out of 2 users reads phishing emails, and 1 out of 3 opens file attachments or clicks links in a phishing email. This causes the installation of unknown malware or ransomware.

Read More: Coronavirus and WFH – Reveals Gaps in Cybersecurity Safety Net

According to the same report, the industries that are most vulnerable to cyber-attacks are: consulting (63%), clothing and accessories (48%), education (47%), technology (40%), and holdings/conglomerates (32.37%). Besides, the top three departments that are most impacted: law / audit / internal control (59%), procurement / administrative affairs (58%), and quality management / health (56%).

Ultimately, a majority of the sensitive data/ information needed by the cybercriminals is accessible through the people working in such vulnerable units. This, in turn, positions a severe threat to their organizations. Reportedly, users who have confidential access to this high-valued, prized information are the key source that prompt the hackers to infiltrate businesses and execute their planned, malicious campaigns.