The cybersecurity company Proofpoint recently released its annual report on user phishing awareness, vulnerability, and resilience. According to the report, 78 percent of organizations experienced email-based ransomware attacks in 2021, while 77 percent saw business email compromise attacks (BEC) increase 18 percent compared to 2020. These results demonstrate the continuing focus of adversaries to compromise users via non-technical social engineering tactics compared to exploiting technical vulnerabilities. Indeed, 83 percent of respondents noted their organization experienced at least one successful email-based phishing attack, up from 57 percent in 2020. Many workers also exhibited risky behaviors, with 42 percent reporting they took a dangerous action, such as clicking a malicious link or exposing personal data.

Proofpoint surveyed 600 IT professionals, 3,500 workers across the world, and analyzed almost 100 million simulated phishing attacks sent by its customers over a one-year period to compile its report. “As email remains the favored attack method for cyber criminals, there is clear value in building a culture of security,” stated Alan Lefort, SVP and GM of Security Awareness Training for Proofpoint. “In this evolving threat landscape and as work-from-anywhere becomes commonplace, it is critical that organizations empower their people and support their efforts to learn and apply new cyber skills, both at work and at home.” Read more at HelpNetSecurity.