Security News > 2020 > January > How to protect your organization against targeted phishing attacks

Beyond automated security tools, there are more people-centric strategies that businesses should adopt to protect themselves against phishing attacks, as described in the 2020 State of the Phish report released Wednesday by the security firm Proofpoint.

About 60% of the respondents said their organization faced fewer or about the same number of phishing attacks last year compared with 2018.

Organizations measure the costs of phishing attacks in a number of ways.

Looking at attacks by a specific method of social engineering, 88% of organizations faced spear phishing attacks, 86% faced business email compromise, 86% social media-based attacks, 84% smishing, 83% vishing, and 81% malicious USB drops.

At a minimum, answer these three first: 1) Who in my organization is being targeted by attackers? The answer is not as simple as looking at the top tiers of your org chart; 2) What types of attacks are they facing? Knowing the lures and traps attackers are using can help you better position your defenses; and 3) How can I minimize risk if these attacks get through? The answer is to use the information you've gathered to deliver the right training to the right people at the right time.

News URL

https://www.techrepublic.com/article/how-to-protect-your-organization-against-targeted-phishing-attacks/#ftag=RSS56d97e7