Skip to main content

Nearly half of UK SMEs hit by phishing attacks

(Image credit: Image source: Shutterstock/wk1003mike)

British businesses are being hit by more phishing attacks than ever before, new research has found.

A report from CybSafe discovered that nearly half (43 percent) of small businesses in the UK have been targeted by a phishing attempt in the past year as hackers go after smaller targets.

Two-thirds (66 percent) of those affected then fell victim to a successful phishing attempt, showing the damaging potential the attacks pose, with email phishing attacks voted more dangerous than phone phishg.

Despite the growing threat, the study revealed that many businesses are failing to protect themselves adequately against phishing attacks. CybSafe found that less than half (47 percent) claimed to already have a cyber security training and awareness programme in place.

"Phishing is currently the dominant attack vector for entry into networks, and its popularity isn’t hard to understand," said Oz Alashe, CEO, CybSafe.

"It’s easy to carry out, easy to profit from, and from the perspective of cyber security professionals, it’s notoriously difficult to defend against. Just one individual falling victim can be enough to give criminals the foothold required to access confidential information." 

Impersonation phishing attacks - personalised attacks which involve the impersonation of friends or family, or other members of staff - pose a particular threat. These attacks are highly convincing and have high success rates.”

"Despite the severity of this threat, UK businesses are taking very little action at the moment. Of those that are doing something, many are simply paying lip-service to security training for compliance reasons, and aren’t demonstrably reducing their human cyber risk.”