Hi! My name is Brad.
As an IT professional, I’ve seen the evolution of security threats enterprises face including the current state of phishing attacks. As cybercriminals continue to evolve their methods and attacks, it’s essential to fully understand the current state of security threats to be able to properly defend your enterprise against them.
To help protect your enterprise from evolving security threats, it’s essential to understand trends that are affecting other organizations and the efforts they are undertaking to protect themselves against the ever-dangerous phishing threat.
Recent reports have noted that cybercriminals are becoming more strategic about the brands and industries they’re targeting and also their methods of attack. With 45% of enterprises experiencing phishing attacks via phone calls and SMS/text messaging and 3% of enterprises experiencing USB-based social engineering attacks, the evolution of cybersecurity threats organizations are facing today is drastically evolving.
As phishing attacks on enterprises become more and more popular for cybercriminals to execute, it’s essential to send phishing test emails enterprise-wide to ensure all employees are well-equipped with the knowledge of how to avoid and report these attacks.
It has been shown that commercial-style phishing emails tend to fool users most often and should be added, with consumer-themed phishing tests and corporate-style phishing simulations, to enterprise-wide tests to ensure that employees can spot a phishing email scam before they fall victim to it.
Though click rates on phishing email scams have been going down, the war against phishing is still ongoing. Cybercriminals use many templates to attack enterprises like online shopping security update emails, corporate voicemails from unknown callers, and corporate email improvement templates.
In addition to keeping up with the latest phishing trends used by cybercriminals, it’s essential to understand what other organizations are falling for. Two phishing templates that have a near 100% click rate by enterprise professionals include a database password reset alert and an updated building evacuation plan.
Since phishing scams can cause an enterprise to lose productivity for employees, lose proprietary information that impacts the business, damage the reputation of the enterprise, and much more, being well-equipped against phishing attacks is essential in our current digital landscape.
With more intelligence gathering and conducting monthly or quarterly training cycles, your enterprise can be better prepared to avoid phishing attacks and reduce your risk of a major breach.
If you want to learn more about the state of phishing in 2018, click the link below for more information.