Security News > 2020 > January > How to protect your organization against targeted phishing attacks
Beyond automated security tools, there are more people-centric strategies that businesses should adopt to protect themselves against phishing attacks, as described in the 2020 State of the Phish report released Wednesday by the security firm Proofpoint.
About 60% of the respondents said their organization faced fewer or about the same number of phishing attacks last year compared with 2018.
Organizations measure the costs of phishing attacks in a number of ways.
Looking at attacks by a specific method of social engineering, 88% of organizations faced spear phishing attacks, 86% faced business email compromise, 86% social media-based attacks, 84% smishing, 83% vishing, and 81% malicious USB drops.
At a minimum, answer these three first: 1) Who in my organization is being targeted by attackers? The answer is not as simple as looking at the top tiers of your org chart; 2) What types of attacks are they facing? Knowing the lures and traps attackers are using can help you better position your defenses; and 3) How can I minimize risk if these attacks get through? The answer is to use the information you've gathered to deliver the right training to the right people at the right time.
News URL
Related news
- Free Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User Credentials (source)
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks (source)
- GitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing Attacks (source)
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)