Three quarters of organisations (76 per cent) were hit by phishing attacks last year, new figures have claimed.
A report by Wombat Security Technologies discovered that 2017 saw a major increase in phishing attacks, with reports of malware infections and compromised accounts rising more than 80 per cent.
However the report notes that increased customer awareness of phishing has meant that things could have been much worse. Click rates on suspicious links in emails are in a decline, while the number of emails reported for being shady are on the rise.
UK organisations are less likely to assess end users’ susceptibility to phishing attacks, but instead would use passive security awareness and training tools. US organisations, on the other hand, favour interactive training methods delivered on a monthly or quarterly basis.
“The State of the Phish Report shows that simulated phishing attacks are certainly valuable tools in the battle against social engineering attacks, but it also reinforces the need for CSOs, CISOs and their teams to take a broader view of cybersecurity education,” said Joe Ferrara, President and CEO of Wombat Security.
“A cyclical approach to security awareness and training is the most effective. Organisations should employ a methodology that both raises awareness of cybersecurity best practices and teaches users how to employ these practices when they inevitably face a security threat.”
Image Credit: wk1003mike / Shutterstock