Security News > 2020 > January > How to protect your organization against targeted phishing attacks
Beyond automated security tools, there are more people-centric strategies that businesses should adopt to protect themselves against phishing attacks, as described in the 2020 State of the Phish report released Wednesday by the security firm Proofpoint.
About 60% of the respondents said their organization faced fewer or about the same number of phishing attacks last year compared with 2018.
Organizations measure the costs of phishing attacks in a number of ways.
Looking at attacks by a specific method of social engineering, 88% of organizations faced spear phishing attacks, 86% faced business email compromise, 86% social media-based attacks, 84% smishing, 83% vishing, and 81% malicious USB drops.
At a minimum, answer these three first: 1) Who in my organization is being targeted by attackers? The answer is not as simple as looking at the top tiers of your org chart; 2) What types of attacks are they facing? Knowing the lures and traps attackers are using can help you better position your defenses; and 3) How can I minimize risk if these attacks get through? The answer is to use the information you've gathered to deliver the right training to the right people at the right time.
News URL
Related news
- How Phishing Attacks Adapt Quickly to Capitalize on Current Events (source)
- Google raps Iran's APT42 for raining down spear-phishing attacks (source)
- Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks (source)
- Cybercriminals exploit file sharing services to advance phishing attacks (source)
- CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait (source)
- How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (source)
- Novel attack on Windows spotted in phishing campaign run from and targeting China (source)
- Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks (source)
- Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian (source)
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)