IT Security

Phishing attacks surveyed

by Mark Rowe

UK office workers are bombarded with phishing emails with the majority seeing as many as ten attacks hitting their inboxes every day, a survey from an anti-phishing product firm has suggested.

The survey, by One Poll, looked at the attitudes of 1,000 UK office workers towards phishing attacks and revealed that over a third believe they are seeing more phishing emails today than they were a year ago. During this year, 16 percent of office workers claim to have fallen victim to a phishing attack, however there are probably a lot more that don’t know they were victims.

Rohyt Belani, CEO of PhishMe, said: “These figures highlight exactly how big a problem phishing and malware attacks are to UK organisations. Spear-phishing emails are contextual, focus on triggering an emotional response, and target specific groups, which makes them very difficult to spot.”

“Today, threat actors will undertake extensive research into their targets to make their emails appear genuine and increase the chance of a recipient taking action. Over the last year we have seen a significant increase in the sophistication of phishing emails; attackers even emulate conversations via email to build confidence with the potential victim before launching the attack. Organisations must enhance their security defences with a continuous programme where they train their staff how to recognise and report phishing emails in a timely manner,” added Rohyt.

He suggests effective behaviour management ensures that employees stop and think twice before believing every email they receive. For example, they will know to look at the underlying URL, not just the displayed text, to see where the link is actually going. For starters, they develop the necessary levels of suspicion related to email communications and think “was I expecting this email?” or “do I know this person?”

Phishing has proven to be an effective low-cost attack vector that bypasses most traditional detection methods, the firm says. Several prominent security firms have confirmed in their research to be the top attack method threatening the enterprise today. With cyber criminals, nation-state actors, and most recently hacktivists like the Syrian Electronic Army, carrying out successful attacks via email, office workers can only expect more of the sam, the firm adds.

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing