Skip to main content

IT pros believe their CEOs are phishing victims

Out of 300 IT professionals attending the Infosecurity Europe conference, almost half (49 per cent) believe their CEO has fallen victim to a targeted phishing attack.

The results have been published in a new paper by unified security management and crowd-sourced threat intelligence company, AlienVault (opens in new tab).

More than three quarters (82 per cent) still worry their CEO might be vulnerable to such attacks, but many fail to educate their CEOs and help them spot them.

Less than half (45 per cent) are training everyone in their organisation, including the CEO, to spot phishing attempts, 35 per cent offer such training to 'most employees', while 20 per cent do not conduct any training, whatsoever.

“The challenge that lies here is two-fold. Firstly, most phishing scams that target execs are well-crafted and researched. Similar-looking domains are registered and execs are carefully researched. Secondly, many execs have personal assistants who manage their day-to-day operations and who are often more susceptible to social engineering techniques,” said Javvad Malik, security advocate at AlienVault.

“As such, it is important to train all users within an organisation as attackers will always try to strike at the weakest links, who may not even be internal employees. CEO fraud also routinely targets third party suppliers, partners and customers, so awareness should be spread to all associated parties. To stay a step ahead, security teams need to monitor third party activity closely and use threat intelligence networks to keep abreast of the latest scams being employed by criminals.”

Image Credit: wk1003mike / Shutterstock

Sead Fadilpašić is a freelance tech writer and journalist with more than 17 years experience writing technology-focussed news, blogs, whitepapers, reviews, and ebooks. And his work has featured in online media outlets from all over the world, including Al Jazeera Balkans (where he was a Multimedia Journalist), Crypto News, TechRadar Pro, and IT Pro Portal, where he has written news and features for over five years. Sead's experience also includes writing for inbound marketing, where he creates technology-based content for clients from London to Singapore. Sead is a HubSpot-certified content creator.