Security News > 2021 > August > Phishing Costs Nearly Quadrupled Over 6 Years
Research shows that the cost of phishing attacks has nearly quadrupled over the past six years: Large U.S. companies are now losing, on average, $14.8 million annually, or $1,500 per employee.
What businesses shell out for extortion payments in ransomware attacks or what gets jimmied out of them in fraudulent BEC wire transfers are both just portions of the true costs of phishing attacks, according to the study, titled The 2021 Cost of Phishing.
"Because phishing attacks increase the likelihood of a data breach and business disruption, most of the costs incurred by companies come from lost productivity and remediation of the issue rather than the actual ransom paid to the attackers."
It's the lost productivity and mopping up that eat up the lion's share of the costs of phishing attacks, with a host of other investigative and compliance costs in the mix.
In this, the most current study, annual cost of phishing for BEC was estimated to be $5.97 million, while average ransomware costs were estimated to total $996,000.
BEC costs nearly $6 million annually for a large organization.