Over Half of Organizations Successfully Phished in 2019

According to Proofpoint’s just released State of the Phish report, 55 percent of surveyed organizations dealt with at least one successful phishing attack in 2019. The survey involved more than 600 information security professionals, who also reported a high frequency of social media engineering attempts across a range of methods. Other forms of attack reflected cyber criminals’ continued focus on compromising individual end users. Spear-phishing attacks were reported by 88 percent of organizations worldwide, while 86 percent reported business email compromise (BEC) attacks and social media attacks. Phishing via text/SMS, or “smishing,” struck 84 percent of organizations, while 83 percent reported experiencing voice phishing, or “vishing.” On a positive note, the report revealed that equipping individuals with instructions on how to avoid phishing  garnered good results. Seventy-eight percent of organizations reported that security awareness training activities resulted in measurable reductions in phishing susceptibility. “We recommend taking a people-centric approach to cybersecurity by blending organization-wide awareness training initiatives with targeted, threat-driven education,” said Joe Ferrara, senior vice president and general manager of security awareness training for Proofpoint. “The goal is to empower users to recognize and report attacks.” Read the report at Proofpoint.