Sophos has just published the report “Phishing Insights 2021”, which examines how organizations worldwide experienced and understood phishing during 2020.
The results show that phishing attacks aimed at organizations increased considerably during the pandemic, as the millions of employees telecommuting became the main target for cyber-attackers.
The vast majority of IT teams (70%) reported that the number of phishing emails received by their employees increased in 2020. This figure rose to 82% in organizations that suffered ransomware attacks during the year.
Other highlights of the report:
- There is no consensus among IT professionals on the definition of phishing. The most common definition, selected by 57% of respondents, is “emails that falsely claim to be sent by a legitimate organization, usually combined with a threat or a request for information”. 46% consider Business Email Compromise (BEC) attacks to be phishing, and more than a third (36%) believe that thread hijacking (when attackers insert themselves into a legitimate email conversation as part of an attack) should also be considered phishing.
- The overwhelming majority of organizations (90%) organize cybersecurity awareness programs focused on phishing attacks. However, according to the results of this survey, education and awareness programs on phishing should consider the wide range of commonly accepted concepts, and include training for non-technical contributors to explain the different facets of phishing and email attacks in general.
“Phishing has been around for over 25 years and continues to be an effective cyber attack technique. One of the reasons for its success is its capacity for constant evolution and diversification, adapting attacks to certain issues or concerns, such as the case of the pandemic, and taking advantage of human emotions and confidence,” commented Chester Wisniewski, Principal Research Scientist at Sophos.
“It is tempting for organizations to view phishing attacks as low-risk threats, which underestimates their power. Phishing is often the first step in a complex, multi-phased attack. According to Sophos Rapid Response, attackers often use phishing emails to trick users into installing malware or sharing credentials that grant access to corporate networks. Our team has seen firsthand how seemingly innocuous emails can lead to multi-million dollar ransomware attacks. Cryptojacking and data theft – and even monetary theft – are potential results of an attack after phishing has opened doors to the enemy.”
Ideally, phishing emails would never reach their recipients at all. Effective email security solutions contribute a great deal to this, but they must be complemented by prepared and attentive employees who are able to detect and report suspicious messages before they get any further.